← Back to CVEs

CVE-2007-0981

N/A

Description

Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.

CVE Details

CVSS v3.1 ScoreN/A

Published2/16/2007

Last Modified4/23/2026

Sourcenvd

Honeypot Sightings0

Affected Products

mozilla:firefoxmozilla:seamonkey

Weaknesses (CWE)

CWE-264

References

ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc(cve@mitre.org)

ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc(cve@mitre.org)

http://fedoranews.org/cms/node/2713(cve@mitre.org)

http://fedoranews.org/cms/node/2728(cve@mitre.org)

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742(cve@mitre.org)

http://lcamtuf.dione.cc/ffhostname.html(cve@mitre.org)

http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html(cve@mitre.org)

http://rhn.redhat.com/errata/RHSA-2007-0077.html(cve@mitre.org)

http://secunia.com/advisories/24175(cve@mitre.org)

http://secunia.com/advisories/24205(cve@mitre.org)

http://secunia.com/advisories/24238(cve@mitre.org)

http://secunia.com/advisories/24287(cve@mitre.org)

http://secunia.com/advisories/24290(cve@mitre.org)

http://secunia.com/advisories/24293(cve@mitre.org)

http://secunia.com/advisories/24320(cve@mitre.org)

http://secunia.com/advisories/24328(cve@mitre.org)

http://secunia.com/advisories/24333(cve@mitre.org)

http://secunia.com/advisories/24342(cve@mitre.org)

http://secunia.com/advisories/24343(cve@mitre.org)

http://secunia.com/advisories/24384(cve@mitre.org)

http://secunia.com/advisories/24393(cve@mitre.org)

http://secunia.com/advisories/24395(cve@mitre.org)

http://secunia.com/advisories/24437(cve@mitre.org)

http://secunia.com/advisories/24455(cve@mitre.org)

http://secunia.com/advisories/24457(cve@mitre.org)

http://secunia.com/advisories/24650(cve@mitre.org)

http://secunia.com/advisories/25588(cve@mitre.org)

http://security.gentoo.org/glsa/glsa-200703-04.xml(cve@mitre.org)

http://securityreason.com/securityalert/2262(cve@mitre.org)

http://securitytracker.com/id?1017654(cve@mitre.org)

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131(cve@mitre.org)

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851(cve@mitre.org)

http://www.debian.org/security/2007/dsa-1336(cve@mitre.org)

http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml(cve@mitre.org)

http://www.kb.cert.org/vuls/id/885753(cve@mitre.org)

http://www.mandriva.com/security/advisories?name=MDKSA-2007:050(cve@mitre.org)

http://www.mozilla.org/security/announce/2007/mfsa2007-07.html(cve@mitre.org)

http://www.novell.com/linux/security/advisories/2007_22_mozilla.html(cve@mitre.org)

http://www.osvdb.org/32104(cve@mitre.org)

http://www.redhat.com/support/errata/RHSA-2007-0078.html(cve@mitre.org)

http://www.redhat.com/support/errata/RHSA-2007-0079.html(cve@mitre.org)

http://www.redhat.com/support/errata/RHSA-2007-0097.html(cve@mitre.org)

http://www.redhat.com/support/errata/RHSA-2007-0108.html(cve@mitre.org)

http://www.securityfocus.com/archive/1/460126/100/200/threaded(cve@mitre.org)

http://www.securityfocus.com/archive/1/460217/100/0/threaded(cve@mitre.org)

http://www.securityfocus.com/archive/1/461336/100/0/threaded(cve@mitre.org)

http://www.securityfocus.com/archive/1/461809/100/0/threaded(cve@mitre.org)

http://www.securityfocus.com/bid/22566(cve@mitre.org)

http://www.ubuntu.com/usn/usn-428-1(cve@mitre.org)

http://www.vupen.com/english/advisories/2007/0624(cve@mitre.org)

http://www.vupen.com/english/advisories/2007/0718(cve@mitre.org)

http://www.vupen.com/english/advisories/2008/0083(cve@mitre.org)

https://bugzilla.mozilla.org/show_bug.cgi?id=370445(cve@mitre.org)

https://exchange.xforce.ibmcloud.com/vulnerabilities/32533(cve@mitre.org)

https://issues.rpath.com/browse/RPL-1081(cve@mitre.org)

https://issues.rpath.com/browse/RPL-1103(cve@mitre.org)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9730(cve@mitre.org)

ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc(af854a3a-2127-422b-91ae-364da2661108)

ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc(af854a3a-2127-422b-91ae-364da2661108)

http://fedoranews.org/cms/node/2713(af854a3a-2127-422b-91ae-364da2661108)

http://fedoranews.org/cms/node/2728(af854a3a-2127-422b-91ae-364da2661108)

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742(af854a3a-2127-422b-91ae-364da2661108)

http://lcamtuf.dione.cc/ffhostname.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html(af854a3a-2127-422b-91ae-364da2661108)

http://rhn.redhat.com/errata/RHSA-2007-0077.html(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24175(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24205(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24238(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24287(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24290(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24293(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24320(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24328(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24333(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24342(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24343(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24384(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24393(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24395(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24437(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24455(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24457(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/24650(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/25588(af854a3a-2127-422b-91ae-364da2661108)

http://security.gentoo.org/glsa/glsa-200703-04.xml(af854a3a-2127-422b-91ae-364da2661108)

http://securityreason.com/securityalert/2262(af854a3a-2127-422b-91ae-364da2661108)

http://securitytracker.com/id?1017654(af854a3a-2127-422b-91ae-364da2661108)

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131(af854a3a-2127-422b-91ae-364da2661108)

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851(af854a3a-2127-422b-91ae-364da2661108)

http://www.debian.org/security/2007/dsa-1336(af854a3a-2127-422b-91ae-364da2661108)

http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml(af854a3a-2127-422b-91ae-364da2661108)

http://www.kb.cert.org/vuls/id/885753(af854a3a-2127-422b-91ae-364da2661108)

http://www.mandriva.com/security/advisories?name=MDKSA-2007:050(af854a3a-2127-422b-91ae-364da2661108)

http://www.mozilla.org/security/announce/2007/mfsa2007-07.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.novell.com/linux/security/advisories/2007_22_mozilla.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.osvdb.org/32104(af854a3a-2127-422b-91ae-364da2661108)

http://www.redhat.com/support/errata/RHSA-2007-0078.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.redhat.com/support/errata/RHSA-2007-0079.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.redhat.com/support/errata/RHSA-2007-0097.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.redhat.com/support/errata/RHSA-2007-0108.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/archive/1/460126/100/200/threaded(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/archive/1/460217/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/archive/1/461336/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/archive/1/461809/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/22566(af854a3a-2127-422b-91ae-364da2661108)

http://www.ubuntu.com/usn/usn-428-1(af854a3a-2127-422b-91ae-364da2661108)

http://www.vupen.com/english/advisories/2007/0624(af854a3a-2127-422b-91ae-364da2661108)

http://www.vupen.com/english/advisories/2007/0718(af854a3a-2127-422b-91ae-364da2661108)

http://www.vupen.com/english/advisories/2008/0083(af854a3a-2127-422b-91ae-364da2661108)

https://bugzilla.mozilla.org/show_bug.cgi?id=370445(af854a3a-2127-422b-91ae-364da2661108)

https://exchange.xforce.ibmcloud.com/vulnerabilities/32533(af854a3a-2127-422b-91ae-364da2661108)

https://issues.rpath.com/browse/RPL-1081(af854a3a-2127-422b-91ae-364da2661108)

https://issues.rpath.com/browse/RPL-1103(af854a3a-2127-422b-91ae-364da2661108)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9730(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.