Vulnerability Name: | CVE-2007-0994 (CCN-32818) |
Assigned: | 2007-03-05 |
Published: | 2007-03-05 |
Updated: | 2019-10-09 |
Summary: | A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges. |
CVSS v3 Severity: | 5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): Low Integrity (I): Low Availibility (A): Low |
|
CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P) 5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None | Impact Metrics: | Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial | 5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P) 3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
| Impact Metrics: | Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial |
|
Vulnerability Type: | CWE-94
|
Vulnerability Consequences: | Gain Access |
References: | Source: SGI Type: Broken Link 20070202-01-P
Source: SGI Type: Broken Link 20070301-01-P
Source: CONFIRM Type: Exploit, Issue Tracking, Patch, Third Party Advisory http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733
Source: MITRE Type: CNA CVE-2007-0994
Source: HP Type: Broken Link SSRT061181
Source: SUSE Type: Broken Link SUSE-SA:2007:019
Source: CCN Type: RHSA-2007-0077 Critical: seamonkey security update
Source: CCN Type: RHSA-2007-0079 Critical: Firefox security update
Source: CCN Type: RHSA-2007-0097 Critical: firefox security update
Source: SECUNIA Type: Third Party Advisory 24384
Source: SECUNIA Type: Third Party Advisory 24395
Source: SECUNIA Type: Third Party Advisory 24455
Source: SECUNIA Type: Third Party Advisory 24457
Source: SECUNIA Type: Third Party Advisory 24650
Source: SECUNIA Type: Third Party Advisory 25588
Source: CCN Type: SECTRACK ID: 1017726 Mozilla Firefox JavaScript URI in IMG SRC Attribute Lets Remote Users Execute Arbitrary Code
Source: SECTRACK Type: Third Party Advisory, VDB Entry 1017726
Source: SLACKWARE Type: Mailing List, Third Party Advisory SSA:2007-066-05
Source: SLACKWARE Type: Mailing List, Third Party Advisory SSA:2007-066-03
Source: CCN Type: ASA-2007-095 thunderbird security update (RHSA-2007-0078)
Source: DEBIAN Type: Third Party Advisory DSA-1336
Source: DEBIAN Type: DSA-1336 mozilla-firefox -- several vulnerabilities
Source: CCN Type: Mozilla Web site Thunderbird 1.5
Source: CCN Type: Mozilla.org The SeaMonkey Project
Source: CCN Type: MFSA 2007-09 Privilege escalation by setting img.src to javascript URI
Source: CONFIRM Type: Vendor Advisory http://www.mozilla.org/security/announce/2007/mfsa2007-09.html
Source: SUSE Type: Broken Link SUSE-SA:2007:022
Source: REDHAT Type: Third Party Advisory RHSA-2007:0078
Source: REDHAT Type: Third Party Advisory RHSA-2007:0097
Source: BID Type: Third Party Advisory, VDB Entry 22826
Source: CCN Type: BID-22826 Mozilla Firefox Javascript URI Remote Code Execution Vulnerability
Source: VUPEN Type: Third Party Advisory ADV-2007-0823
Source: XF Type: UNKNOWN mozilla-javascripturi-code-execution(32818)
Source: CONFIRM Type: Broken Link https://issues.rpath.com/browse/RPL-1103
Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:9749
Source: SUSE Type: SUSE-SA:2007:019 MozillaFirefox security update 1.5.0.10/2.0.0.2
Source: SUSE Type: SUSE-SA:2007:022 Mozilla security problems
|
Vulnerable Configuration: | Configuration 1: cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version >= 1.5 and < 1.5.0.10)OR cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version >= 2.0 and < 2.0.0.2)OR cpe:/a:mozilla:seamonkey:*:*:*:*:*:*:*:* (Version >= 1.0 and < 1.0.8)OR cpe:/a:mozilla:seamonkey:*:*:*:*:*:*:*:* (Version >= 1.1 and < 1.1.1) Configuration 2: cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:* Configuration RedHat 1: cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:* Configuration RedHat 2: cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* Configuration RedHat 3: cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* Configuration RedHat 4: cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* Configuration RedHat 5: cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* Configuration RedHat 6: cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* Configuration RedHat 7: cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:* Configuration RedHat 8: cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:* Configuration RedHat 9: cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:* Configuration CCN 1: cpe:/a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0::dev:*:*:*:*:*OR cpe:/a:mozilla:firefox:1.5:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*OR cpe:/a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.1::beta:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0::alpha:*:*:*:*:*OR cpe:/a:mozilla:seamonkey:1.0::beta:*:*:*:*:*AND cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*OR cpe:/a:suse:suse_linux_school_server:-:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*
Denotes that component is vulnerable |
Oval Definitions |
|
BACK |
mozilla firefox *
mozilla firefox *
mozilla seamonkey *
mozilla seamonkey *
debian debian linux 3.1
mozilla firefox 1.5 beta1
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 1.5
mozilla firefox 1.5.0.2
mozilla firefox 1.5.0.3
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.7
mozilla seamonkey 1.0.5
mozilla seamonkey 1.0.7
mozilla seamonkey 1.0.2
mozilla firefox 1.5.0.9
mozilla firefox 2.0.0.1
mozilla firefox 2.0.0.2
mozilla firefox 2.0 beta1
mozilla firefox 2.0 rc2
mozilla firefox 2.0 rc3
mozilla seamonkey 1.0
mozilla seamonkey 1.0.1
mozilla seamonkey 1.0.3
mozilla seamonkey 1.0.4
mozilla seamonkey 1.0.6
mozilla seamonkey 1.0.8
mozilla seamonkey 1.0.9
mozilla firefox 1.5.0.1
mozilla firefox 1.5.0.10
mozilla firefox 1.5.0.5
mozilla firefox 1.5.0.8
mozilla firefox 1.5 beta2
mozilla seamonkey 1.1
mozilla seamonkey 1.0
mozilla seamonkey 1.0
suse linux enterprise server 8
redhat enterprise linux 2.1
redhat enterprise linux 2.1
redhat enterprise linux 2.1
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
suse suse linux school server -
redhat enterprise linux 3
redhat enterprise linux 4
redhat enterprise linux 4
novell linux desktop 9
redhat enterprise linux 4
redhat enterprise linux 4
debian debian linux 3.1
novell open enterprise server *
suse suse linux 10.0
redhat linux advanced workstation 2.1
suse suse linux 10.1
redhat enterprise linux desktop 5.0
redhat enterprise linux 5
redhat enterprise linux 5
redhat enterprise linux 5
novell open enterprise server *
novell opensuse 10.2
suse suse linux 9.3