Vulnerability-Lookup

CVE-2007-0780 (GCVE-0-2007-0780)

Vulnerability from cvelistv5 – Published: 2007-02-27 01:00 – Updated: 2024-08-07 12:34

Summary

browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://www.redhat.com/support/errata/RHSA-2007-00…	vendor-advisoryx_refsource_REDHAT
	http://www.mozilla.org/security/announce/2007/mfs…	x_refsource_CONFIRM
	http://secunia.com/advisories/24395	third-party-advisoryx_refsource_SECUNIA
	https://bugzilla.mozilla.org/show_bug.cgi?id=354973	x_refsource_MISC
	http://www.securityfocus.com/archive/1/461336/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/24328	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-01…	vendor-advisoryx_refsource_REDHAT
	http://security.gentoo.org/glsa/glsa-200703-04.xml	vendor-advisoryx_refsource_GENTOO
	http://www.gentoo.org/security/en/glsa/glsa-20070…	vendor-advisoryx_refsource_GENTOO
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://secunia.com/advisories/24384	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24457	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24343	third-party-advisoryx_refsource_SECUNIA
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://www.vupen.com/english/advisories/2007/0718	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/24650	third-party-advisoryx_refsource_SECUNIA
	http://www.ubuntu.com/usn/usn-428-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/24320	third-party-advisoryx_refsource_SECUNIA
	https://issues.rpath.com/browse/RPL-1103	x_refsource_CONFIRM
	http://www.osvdb.org/32107	vdb-entryx_refsource_OSVDB
	http://lists.suse.com/archive/suse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securityfocus.com/archive/1/461809/100…	mailing-listx_refsource_BUGTRAQ
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/24293	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24238	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24393	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24342	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24287	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/22694	vdb-entryx_refsource_BID
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://fedoranews.org/cms/node/2713	vendor-advisoryx_refsource_FEDORA
	http://www.redhat.com/support/errata/RHSA-2007-00…	vendor-advisoryx_refsource_REDHAT
	http://www.securitytracker.com/id?1017702	vdb-entryx_refsource_SECTRACK
	http://fedoranews.org/cms/node/2728	vendor-advisoryx_refsource_FEDORA
	ftp://patches.sgi.com/support/free/security/advis…	vendor-advisoryx_refsource_SGI
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/24205	third-party-advisoryx_refsource_SECUNIA
	https://issues.rpath.com/browse/RPL-1081	x_refsource_CONFIRM
	http://secunia.com/advisories/24333	third-party-advisoryx_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/24290	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24455	third-party-advisoryx_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2007-0077.html	vendor-advisoryx_refsource_REDHAT
	ftp://patches.sgi.com/support/free/security/advis…	vendor-advisoryx_refsource_SGI
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://www.redhat.com/support/errata/RHSA-2007-00…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/24437	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:34:21.060Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2007:0078",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html"
          },
          {
            "name": "24395",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24395"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=354973"
          },
          {
            "name": "20070226 rPSA-2007-0040-1 firefox",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
          },
          {
            "name": "24328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24328"
          },
          {
            "name": "RHSA-2007:0108",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
          },
          {
            "name": "GLSA-200703-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml"
          },
          {
            "name": "GLSA-200703-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:9884",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884"
          },
          {
            "name": "SSA:2007-066-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
          },
          {
            "name": "24384",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24384"
          },
          {
            "name": "24457",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24457"
          },
          {
            "name": "24343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24343"
          },
          {
            "name": "HPSBUX02153",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
          },
          {
            "name": "ADV-2007-0718",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0718"
          },
          {
            "name": "24650",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24650"
          },
          {
            "name": "USN-428-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-428-1"
          },
          {
            "name": "24320",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24320"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1103"
          },
          {
            "name": "32107",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/32107"
          },
          {
            "name": "SUSE-SA:2007:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
          },
          {
            "name": "20070303 rPSA-2007-0040-3 firefox thunderbird",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
          },
          {
            "name": "SUSE-SA:2007:022",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
          },
          {
            "name": "24293",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24293"
          },
          {
            "name": "24238",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24238"
          },
          {
            "name": "24393",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24393"
          },
          {
            "name": "24342",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24342"
          },
          {
            "name": "24287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24287"
          },
          {
            "name": "22694",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22694"
          },
          {
            "name": "SSRT061181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
          },
          {
            "name": "FEDORA-2007-281",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/cms/node/2713"
          },
          {
            "name": "RHSA-2007:0097",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
          },
          {
            "name": "1017702",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017702"
          },
          {
            "name": "FEDORA-2007-293",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/cms/node/2728"
          },
          {
            "name": "20070301-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
          },
          {
            "name": "mozilla-dataurl-xss(32667)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32667"
          },
          {
            "name": "24205",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24205"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1081"
          },
          {
            "name": "24333",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24333"
          },
          {
            "name": "MDKSA-2007:050",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
          },
          {
            "name": "24290",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24290"
          },
          {
            "name": "24455",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24455"
          },
          {
            "name": "RHSA-2007:0077",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
          },
          {
            "name": "20070202-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
          },
          {
            "name": "SSA:2007-066-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
          },
          {
            "name": "RHSA-2007:0079",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
          },
          {
            "name": "24437",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24437"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-02-23T05:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T18:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2007:0078",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html"
        },
        {
          "name": "24395",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24395"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=354973"
        },
        {
          "name": "20070226 rPSA-2007-0040-1 firefox",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
        },
        {
          "name": "24328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24328"
        },
        {
          "name": "RHSA-2007:0108",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
        },
        {
          "name": "GLSA-200703-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml"
        },
        {
          "name": "GLSA-200703-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:9884",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884"
        },
        {
          "name": "SSA:2007-066-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
        },
        {
          "name": "24384",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24384"
        },
        {
          "name": "24457",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24457"
        },
        {
          "name": "24343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24343"
        },
        {
          "name": "HPSBUX02153",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
        },
        {
          "name": "ADV-2007-0718",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0718"
        },
        {
          "name": "24650",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24650"
        },
        {
          "name": "USN-428-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-428-1"
        },
        {
          "name": "24320",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24320"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1103"
        },
        {
          "name": "32107",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/32107"
        },
        {
          "name": "SUSE-SA:2007:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
        },
        {
          "name": "20070303 rPSA-2007-0040-3 firefox thunderbird",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
        },
        {
          "name": "SUSE-SA:2007:022",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
        },
        {
          "name": "24293",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24293"
        },
        {
          "name": "24238",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24238"
        },
        {
          "name": "24393",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24393"
        },
        {
          "name": "24342",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24342"
        },
        {
          "name": "24287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24287"
        },
        {
          "name": "22694",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22694"
        },
        {
          "name": "SSRT061181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
        },
        {
          "name": "FEDORA-2007-281",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/cms/node/2713"
        },
        {
          "name": "RHSA-2007:0097",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
        },
        {
          "name": "1017702",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017702"
        },
        {
          "name": "FEDORA-2007-293",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/cms/node/2728"
        },
        {
          "name": "20070301-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
        },
        {
          "name": "mozilla-dataurl-xss(32667)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32667"
        },
        {
          "name": "24205",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24205"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1081"
        },
        {
          "name": "24333",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24333"
        },
        {
          "name": "MDKSA-2007:050",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
        },
        {
          "name": "24290",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24290"
        },
        {
          "name": "24455",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24455"
        },
        {
          "name": "RHSA-2007:0077",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
        },
        {
          "name": "20070202-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
        },
        {
          "name": "SSA:2007-066-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
        },
        {
          "name": "RHSA-2007:0079",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
        },
        {
          "name": "24437",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24437"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-0780",
    "datePublished": "2007-02-27T01:00:00.000Z",
    "dateReserved": "2007-02-06T05:00:00.000Z",
    "dateUpdated": "2024-08-07T12:34:21.060Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

FKIE_CVE-2007-0780

Vulnerability from fkie_nvd - Published: 2007-02-26 20:28 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc	Broken Link
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc	Broken Link
secalert@redhat.com	http://fedoranews.org/cms/node/2713	Broken Link
secalert@redhat.com	http://fedoranews.org/cms/node/2728	Broken Link
secalert@redhat.com	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742	Broken Link
secalert@redhat.com	http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html	Broken Link
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2007-0077.html	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24205	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24238	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24287	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24290	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24293	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24320	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24328	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24333	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24342	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24343	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24384	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24393	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24395	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24437	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24455	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24457	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/24650	Third Party Advisory
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200703-04.xml	Third Party Advisory
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131	Mailing List, Third Party Advisory
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml	Third Party Advisory
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:050	Third Party Advisory
secalert@redhat.com	http://www.mozilla.org/security/announce/2007/mfsa2007-05.html	Patch, Vendor Advisory
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_22_mozilla.html	Broken Link
secalert@redhat.com	http://www.osvdb.org/32107	Broken Link
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0078.html	Third Party Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0079.html	Third Party Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0097.html	Third Party Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0108.html	Third Party Advisory
secalert@redhat.com	http://www.securityfocus.com/archive/1/461336/100/0/threaded	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securityfocus.com/archive/1/461809/100/0/threaded	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securityfocus.com/bid/22694	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securitytracker.com/id?1017702	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.ubuntu.com/usn/usn-428-1	Third Party Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/0718	Third Party Advisory
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=354973	Issue Tracking, Vendor Advisory
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/32667	Third Party Advisory, VDB Entry
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1081	Broken Link
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1103	Broken Link
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc	Broken Link
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://fedoranews.org/cms/node/2713	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://fedoranews.org/cms/node/2728	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2007-0077.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24205	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24238	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24287	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24290	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24293	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24320	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24328	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24333	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24342	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24343	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24384	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24393	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24395	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24437	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24455	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24457	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24650	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200703-04.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:050	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mozilla.org/security/announce/2007/mfsa2007-05.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_22_mozilla.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/32107	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0078.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0079.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0097.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0108.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/461336/100/0/threaded	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/461809/100/0/threaded	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/22694	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1017702	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-428-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0718	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=354973	Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/32667	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1081	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1103	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884	Third Party Advisory

Impacted products

Vendor	Product	Version
mozilla	firefox	*
mozilla	firefox	*
mozilla	seamonkey	*
canonical	ubuntu_linux	5.10
canonical	ubuntu_linux	6.06
canonical	ubuntu_linux	6.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EDDD5B2-2356-4A1A-820F-60CF3B638910",
              "versionEndExcluding": "1.5.0.10",
              "versionStartIncluding": "1.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BAFE9FF-65A4-487A-9D3A-844086DE5F27",
              "versionEndExcluding": "2.0.0.2",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5ECD99A-50D8-47FB-AEE9-D7A4F8F72B7C",
              "versionEndExcluding": "1.0.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FA3A32E-445A-4D39-A8D5-75F5370AD23D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
              "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI."
    },
    {
      "lang": "es",
      "value": "browser.js en Mozilla Firefox 1.5.x versiones anteriores a 1.5.0.10 y 2.x versiones anteriores a 2.0.0.2, y SeaMonkey versiones anteriores a 1.0.8, usa la URI de petici\u00f3n para identificar ventanas hijo, lo cual permite a atacantes remotos conducir ataques de secuencias de comandos en sitios cruzados (XSS) al abrir una ventana emergente bloqueada originada de una URI javascript: en combinaci\u00f3n con m\u00faltiples marcos teniendo la misma URI data:"
    }
  ],
  "id": "CVE-2007-0780",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-02-26T20:28:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://fedoranews.org/cms/node/2713"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://fedoranews.org/cms/node/2728"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24205"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24238"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24287"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24290"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24293"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24320"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24328"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24333"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24342"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24343"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24384"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24393"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24395"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24437"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24455"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24457"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24650"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/32107"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/22694"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1017702"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/usn-428-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0718"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=354973"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32667"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-1081"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-1103"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://fedoranews.org/cms/node/2713"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://fedoranews.org/cms/node/2728"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24205"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24238"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24290"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24293"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24320"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24342"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24384"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24393"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24395"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24437"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24455"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24457"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/24650"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/32107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/22694"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1017702"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/usn-428-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0718"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=354973"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32667"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-1081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-1103"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2007-0780

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-0780

Aliases

CVE-2007-0780

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-0780",
    "description": "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.",
    "id": "GSD-2007-0780",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-0780.html",
      "https://access.redhat.com/errata/RHSA-2007:0108",
      "https://access.redhat.com/errata/RHSA-2007:0097",
      "https://access.redhat.com/errata/RHSA-2007:0079",
      "https://access.redhat.com/errata/RHSA-2007:0078",
      "https://access.redhat.com/errata/RHSA-2007:0077",
      "https://linux.oracle.com/cve/CVE-2007-0780.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-0780"
      ],
      "details": "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.",
      "id": "GSD-2007-0780",
      "modified": "2023-12-13T01:21:35.074316Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2007-0780",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc",
            "refsource": "MISC",
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
          },
          {
            "name": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc",
            "refsource": "MISC",
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
          },
          {
            "name": "http://fedoranews.org/cms/node/2713",
            "refsource": "MISC",
            "url": "http://fedoranews.org/cms/node/2713"
          },
          {
            "name": "http://fedoranews.org/cms/node/2728",
            "refsource": "MISC",
            "url": "http://fedoranews.org/cms/node/2728"
          },
          {
            "name": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742",
            "refsource": "MISC",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
          },
          {
            "name": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html",
            "refsource": "MISC",
            "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
          },
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2007-0077.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
          },
          {
            "name": "http://secunia.com/advisories/24205",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24205"
          },
          {
            "name": "http://secunia.com/advisories/24238",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24238"
          },
          {
            "name": "http://secunia.com/advisories/24287",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24287"
          },
          {
            "name": "http://secunia.com/advisories/24290",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24290"
          },
          {
            "name": "http://secunia.com/advisories/24293",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24293"
          },
          {
            "name": "http://secunia.com/advisories/24320",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24320"
          },
          {
            "name": "http://secunia.com/advisories/24328",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24328"
          },
          {
            "name": "http://secunia.com/advisories/24333",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24333"
          },
          {
            "name": "http://secunia.com/advisories/24342",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24342"
          },
          {
            "name": "http://secunia.com/advisories/24343",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24343"
          },
          {
            "name": "http://secunia.com/advisories/24384",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24384"
          },
          {
            "name": "http://secunia.com/advisories/24393",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24393"
          },
          {
            "name": "http://secunia.com/advisories/24395",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24395"
          },
          {
            "name": "http://secunia.com/advisories/24437",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24437"
          },
          {
            "name": "http://secunia.com/advisories/24455",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24455"
          },
          {
            "name": "http://secunia.com/advisories/24457",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24457"
          },
          {
            "name": "http://secunia.com/advisories/24650",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24650"
          },
          {
            "name": "http://security.gentoo.org/glsa/glsa-200703-04.xml",
            "refsource": "MISC",
            "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml"
          },
          {
            "name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131",
            "refsource": "MISC",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
          },
          {
            "name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851",
            "refsource": "MISC",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
          },
          {
            "name": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml",
            "refsource": "MISC",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
          },
          {
            "name": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html",
            "refsource": "MISC",
            "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-0078.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-0079.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-0097.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-0108.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/461336/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/461809/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/bid/22694",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/22694"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-428-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-428-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/0718",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/0718"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-1081",
            "refsource": "MISC",
            "url": "https://issues.rpath.com/browse/RPL-1081"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-1103",
            "refsource": "MISC",
            "url": "https://issues.rpath.com/browse/RPL-1103"
          },
          {
            "name": "http://www.securitytracker.com/id?1017702",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id?1017702"
          },
          {
            "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html",
            "refsource": "MISC",
            "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html"
          },
          {
            "name": "http://www.osvdb.org/32107",
            "refsource": "MISC",
            "url": "http://www.osvdb.org/32107"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=354973",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=354973"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32667",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32667"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.5.0.10",
                "versionStartIncluding": "1.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.0.8",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.0.0.2",
                "versionStartIncluding": "2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-0780"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=354973",
              "refsource": "MISC",
              "tags": [
                "Issue Tracking",
                "Vendor Advisory"
              ],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=354973"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1081",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "https://issues.rpath.com/browse/RPL-1081"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1103",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "https://issues.rpath.com/browse/RPL-1103"
            },
            {
              "name": "FEDORA-2007-281",
              "refsource": "FEDORA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://fedoranews.org/cms/node/2713"
            },
            {
              "name": "FEDORA-2007-293",
              "refsource": "FEDORA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://fedoranews.org/cms/node/2728"
            },
            {
              "name": "GLSA-200703-04",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml"
            },
            {
              "name": "GLSA-200703-08",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"
            },
            {
              "name": "RHSA-2007:0079",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
            },
            {
              "name": "RHSA-2007:0077",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
            },
            {
              "name": "RHSA-2007:0078",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
            },
            {
              "name": "RHSA-2007:0097",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
            },
            {
              "name": "RHSA-2007:0108",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
            },
            {
              "name": "SUSE-SA:2007:019",
              "refsource": "SUSE",
              "tags": [
                "Broken Link"
              ],
              "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
            },
            {
              "name": "USN-428-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/usn-428-1"
            },
            {
              "name": "22694",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/22694"
            },
            {
              "name": "32107",
              "refsource": "OSVDB",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.osvdb.org/32107"
            },
            {
              "name": "1017702",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id?1017702"
            },
            {
              "name": "24238",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24238"
            },
            {
              "name": "24287",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24287"
            },
            {
              "name": "24290",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24290"
            },
            {
              "name": "24205",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24205"
            },
            {
              "name": "24328",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24328"
            },
            {
              "name": "24333",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24333"
            },
            {
              "name": "24343",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24343"
            },
            {
              "name": "24320",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24320"
            },
            {
              "name": "24293",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24293"
            },
            {
              "name": "24393",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24393"
            },
            {
              "name": "24395",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24395"
            },
            {
              "name": "24384",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24384"
            },
            {
              "name": "24437",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24437"
            },
            {
              "name": "20070301-01-P",
              "refsource": "SGI",
              "tags": [
                "Broken Link"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
            },
            {
              "name": "24650",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24650"
            },
            {
              "name": "MDKSA-2007:050",
              "refsource": "MANDRIVA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
            },
            {
              "name": "20070202-01-P",
              "refsource": "SGI",
              "tags": [
                "Broken Link"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
            },
            {
              "name": "SSA:2007-066-03",
              "refsource": "SLACKWARE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
            },
            {
              "name": "SSA:2007-066-05",
              "refsource": "SLACKWARE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
            },
            {
              "name": "SUSE-SA:2007:022",
              "refsource": "SUSE",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
            },
            {
              "name": "24455",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24455"
            },
            {
              "name": "24457",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24457"
            },
            {
              "name": "24342",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/24342"
            },
            {
              "name": "ADV-2007-0718",
              "refsource": "VUPEN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0718"
            },
            {
              "name": "HPSBUX02153",
              "refsource": "HP",
              "tags": [
                "Broken Link"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
            },
            {
              "name": "mozilla-dataurl-xss(32667)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32667"
            },
            {
              "name": "oval:org.mitre.oval:def:9884",
              "refsource": "OVAL",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884"
            },
            {
              "name": "20070303 rPSA-2007-0040-3 firefox thunderbird",
              "refsource": "BUGTRAQ",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
            },
            {
              "name": "20070226 rPSA-2007-0040-1 firefox",
              "refsource": "BUGTRAQ",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2019-10-09T22:52Z",
      "publishedDate": "2007-02-26T20:28Z"
    }
  }
}

GHSA-89PH-RW24-CJRJ

Vulnerability from github – Published: 2022-05-03 03:17 – Updated: 2022-05-03 03:17

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-0780"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-02-26T20:28:00Z",
    "severity": "MODERATE"
  },
  "details": "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.",
  "id": "GHSA-89ph-rw24-cjrj",
  "modified": "2022-05-03T03:17:57Z",
  "published": "2022-05-03T03:17:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0780"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=354973"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32667"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1081"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1103"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884"
    },
    {
      "type": "WEB",
      "url": "http://fedoranews.org/cms/node/2713"
    },
    {
      "type": "WEB",
      "url": "http://fedoranews.org/cms/node/2728"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
    },
    {
      "type": "WEB",
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24205"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24238"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24287"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24290"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24293"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24320"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24328"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24333"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24342"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24343"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24384"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24393"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24395"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24437"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24455"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24457"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24650"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
    },
    {
      "type": "WEB",
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/32107"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/22694"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1017702"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-428-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/0718"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2007-AVI-102

Vulnerability from certfr_avis - Published: 2007-02-26 - Updated: 2007-03-27

Plusieurs vulnérabilités sur les produits Mozilla cités ci-dessus permettraient le contournement de la politique de sécurité, l'atteinte à la confidentialité des données ou l'exécution de code arbitraire à distance.

Description

Plusieurs vulnérabilités ont été découvertes dans les produits de Mozilla. L'exploitation de ces vulnérabilités peut se faire de différentes façons (script hostile, boite de dialogue malformée, certificats malformés, etc.) et permet à des utilisateurs malintentionnés de provoquer un déni de service, d'exécuter du code arbitraire ou d'obtenir des droits élevés sur la machine victime.

Solution

Les versions suivantes corrigent les problèmes :

Firefox 1.5.0.10 ;
Firefox 2.0.0.2 ;
Thunderbird 1.5.0.10 ;
Seamonkey 1.0.8 ;
Network Security Services 3.11.5.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

La branche de développement 1.5.x de Firefox ne sera plus maintenue au-delà du 24 avril 2007.

Impacted products

Vendor	Product	Description
Mozilla	Firefox	Firefox 1.5.0.9 et versions antérieures ;
Mozilla	N/A	Network Security Services 3.11.4 et versions antérieures.
Mozilla	N/A	Seamonkey 1.0.7 et versions antérieures ;
Mozilla	Thunderbird	Thunderbird 1.5.0.9 et versions antérieures ;
Mozilla	Firefox	Firefox 2.0.0.1 et versions antérieures ;

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-0780 (GCVE-0-2007-0780)

FKIE_CVE-2007-0780

GSD-2007-0780

GHSA-89PH-RW24-CJRJ

CERTA-2007-AVI-102

Description

Solution

Tags

Sightings

Nomenclature