CVE-2005-2269 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2005-2269 Interim 1 4 2023-12-09T02:21:48Z current 2021-05-30T12:33:03Z 2023-12-09T02:21:48Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2005-2269 Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as demonstrated using an XHTML document with IMG tags with custom properties ("XHTML node spoofing"). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TUERY4MPJFOOKSHHL2QNDSEJ25ODVHEI/#TUERY4MPJFOOKSHHL2QNDSEJ25ODVHEI E-Mail link for SUSE-SA:2005:045 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/X3YEJBX7PCPEXDVVJSDPHPYP2KMMKMZW/#X3YEJBX7PCPEXDVVJSDPHPYP2KMMKMZW E-Mail link for SUSE-SA:2006:022 https://www.suse.com/support/security/rating/ SUSE Security Ratings Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as demonstrated using an XHTML document with IMG tags with custom properties ("XHTML node spoofing"). CVE-2005-2269 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P