CVE-2005-2267

Publication date 13 July 2005

Last updated 17 July 2025

Ubuntu priority

Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
firefox	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-149-1
Firefox vulnerabilities
21 July 2005

USN-149-3
Ubuntu 4.10 update for Firefox vulnerabilities
28 July 2005

Other references

https://www.cve.org/CVERecord?id=CVE-2005-2267