Security Advisory

CVE-2005-0401

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2005-03-24 05:00:00

Last updated 2024-08-07 21:13:54

Assigner redhat

State PUBLISHED

Description

FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2."

← Browse all CVEs View on cve.org ↗