CVE-2005-1937

CVE Database · CVE-2005-1937

CVE-2005-1937

· N/AModified

CVSS v3.1

N/A

EPSS

2.59%

Published

Jun 14, 2005

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718.

Affected Products (2)

mozilla · firefoxvulnerable

mozilla · mozillavulnerable

References (20)

http://secunia.com/advisories/15601

http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/

http://sunsolve.sun.com/search/document.do?assetkey=1-26-101952-1

http://www.debian.org/security/2005/dsa-777

http://www.debian.org/security/2005/dsa-810

http://www.mozilla.org/security/announce/mfsa2005-51.html

http://www.novell.com/linux/security/advisories/2005_18_sr.html

http://www.novell.com/linux/security/advisories/2005_45_mozilla.html

http://www.redhat.com/support/errata/RHSA-2005-586.html

http://www.redhat.com/support/errata/RHSA-2005-587.html

http://www.securityfocus.com/bid/14242

KEV Catalog EPSS Scores Vendors All CVEs