CVE-2005-1155

CVE Database · CVE-2005-1155

CVE-2005-1155

· N/AModified

CVSS v3.1

N/A

EPSS

8.28%

Published

May 2, 2005

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The favicon functionality in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary code via a <LINK rel="icon"> tag with a javascript: URL in the href attribute, aka "Firelinking."

Weaknesses (CWE)

CWE-94

Affected Products (34)

mozilla · firefoxvulnerable

· firefox

References (20)

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

http://secunia.com/advisories/14938

PatchVendor Advisory

http://secunia.com/advisories/14992

PatchVendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/973309

PatchThird Party AdvisoryUS Government Resource

http://www.mikx.de/firelinking/

Exploit

KEV Catalog EPSS Scores Vendors All CVEs