← Voltar para CVEs
CVE-2007-0994
N/ADescricao
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado3/6/2007
Ultima modificacao4/23/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
debian:debian_linuxmozilla:firefoxmozilla:seamonkey
Fraquezas (CWE)
CWE-94
Referencias
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc(secalert@redhat.com)
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc(secalert@redhat.com)
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733(secalert@redhat.com)
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742(secalert@redhat.com)
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html(secalert@redhat.com)
http://secunia.com/advisories/24384(secalert@redhat.com)
http://secunia.com/advisories/24395(secalert@redhat.com)
http://secunia.com/advisories/24455(secalert@redhat.com)
http://secunia.com/advisories/24457(secalert@redhat.com)
http://secunia.com/advisories/24650(secalert@redhat.com)
http://secunia.com/advisories/25588(secalert@redhat.com)
http://securitytracker.com/id?1017726(secalert@redhat.com)
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131(secalert@redhat.com)
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851(secalert@redhat.com)
http://www.debian.org/security/2007/dsa-1336(secalert@redhat.com)
http://www.mozilla.org/security/announce/2007/mfsa2007-09.html(secalert@redhat.com)
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html(secalert@redhat.com)
http://www.redhat.com/support/errata/RHSA-2007-0078.html(secalert@redhat.com)
http://www.redhat.com/support/errata/RHSA-2007-0097.html(secalert@redhat.com)
http://www.securityfocus.com/bid/22826(secalert@redhat.com)
http://www.vupen.com/english/advisories/2007/0823(secalert@redhat.com)
https://issues.rpath.com/browse/RPL-1103(secalert@redhat.com)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749(secalert@redhat.com)
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc(af854a3a-2127-422b-91ae-364da2661108)
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc(af854a3a-2127-422b-91ae-364da2661108)
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733(af854a3a-2127-422b-91ae-364da2661108)
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742(af854a3a-2127-422b-91ae-364da2661108)
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24384(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24395(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24455(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24457(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24650(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/25588(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1017726(af854a3a-2127-422b-91ae-364da2661108)
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131(af854a3a-2127-422b-91ae-364da2661108)
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2007/dsa-1336(af854a3a-2127-422b-91ae-364da2661108)
http://www.mozilla.org/security/announce/2007/mfsa2007-09.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2007-0078.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2007-0097.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/22826(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/0823(af854a3a-2127-422b-91ae-364da2661108)
https://issues.rpath.com/browse/RPL-1103(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.