CVE-2007-0994

NONECVSS 0.0

0.0

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.

🔗 References (46)

secalert@redhatftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
secalert@redhatftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
secalert@redhathttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733
secalert@redhathttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
secalert@redhathttp://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
secalert@redhathttp://secunia.com/advisories/24384
secalert@redhathttp://secunia.com/advisories/24395
secalert@redhathttp://secunia.com/advisories/24455
secalert@redhathttp://secunia.com/advisories/24457
secalert@redhathttp://secunia.com/advisories/24650
secalert@redhathttp://secunia.com/advisories/25588
secalert@redhathttp://securitytracker.com/id?1017726
secalert@redhathttp://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
secalert@redhathttp://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
secalert@redhathttp://www.debian.org/security/2007/dsa-1336

Is Your Infrastructure Affected by CVE-2007-0994?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-0994

📅 Published

🔄 Last Modified

🔗 References (46)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-0994?