CVE-2005-2265

Publication date 13 July 2005

Last updated 24 July 2024

Ubuntu priority

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calling InstallVersion.compareTo with an object instead of a string.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
mozilla	7.04 feisty	Not in release
	6.10 edgy	Fixed 1.7.12-1.1ubuntu2
	6.06 LTS dapper	Fixed 1.7.12-1.1ubuntu2
mozilla-thunderbird	7.04 feisty	Fixed 1.5.0.13-0ubuntu0.7.04
	6.10 edgy	Fixed 1.5.0.13-0ubuntu0.6.10
	6.06 LTS dapper	Fixed 1.5.0.13-0ubuntu0.6.06

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-155-1
Mozilla vulnerabilities
27 July 2005

USN-157-1
Mozilla Thunderbird vulnerabilities
1 August 2005

USN-149-3
Ubuntu 4.10 update for Firefox vulnerabilities
28 July 2005

USN-149-1
Firefox vulnerabilities
21 July 2005

Other references

https://www.cve.org/CVERecord?id=CVE-2005-2265