CVE-2005-2264

Publication date 13 July 2005

Last updated 17 July 2025

Ubuntu priority

Firefox before 1.0.5 allows remote attackers to steal sensitive information by opening a malicious link in the Firefox sidebar using the _search target, then injecting script into other pages via a data: URL.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
firefox	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-149-3
Ubuntu 4.10 update for Firefox vulnerabilities
28 July 2005

USN-149-1
Firefox vulnerabilities
21 July 2005

Other references

https://www.cve.org/CVERecord?id=CVE-2005-2264