Launchpad CVE tracker

CVE 2005-0231

Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."

Related bugs and status

CVE-2005-0231 (Candidate) is related to these bugs:

Bug #11193: [warty] Firefox Window Injection Vulnerability

Summary				In	Importance	Status
	11193	[warty] Firefox Window Injection Vulnerability		firefox (Ubuntu)	Critical	Fix Released

Bug #12662: Typing comma on Firefox with num pad prints pipe on the screen

Summary				In	Importance	Status
	12662	Typing comma on Firefox with num pad prints pipe on the screen		firefox (Ubuntu)	Medium	Fix Released

Bug #12706: [warty] Two problems in Firefox

Summary				In	Importance	Status
	12706	[warty] Two problems in Firefox		firefox (Ubuntu)	High	Fix Released
	12706	[warty] Two problems in Firefox		firefox (Debian)	Unknown	Fix Released

Bug #12947: In some websites, Hebrew is shown reverse

Summary				In	Importance	Status
	12947	In some websites, Hebrew is shown reverse		firefox (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2005-0231

References