Vulnerability-Lookup

CVE-2007-2871 (GCVE-0-2007-2871)

Vulnerability from cvelistv5 – Published: 2007-06-01 04:00 – Updated: 2024-08-07 13:57

Summary

Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other attacks.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://www.mozilla.org/security/announce/2007/mfs…	x_refsource_CONFIRM
	http://www.securitytracker.com/id?1018155	vdb-entryx_refsource_SECTRACK
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.debian.org/security/2007/dsa-1308	vendor-advisoryx_refsource_DEBIAN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.securityfocus.com/archive/1/470172/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/25647	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/25469	third-party-advisoryx_refsource_SECUNIA
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/25491	third-party-advisoryx_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-200706-06.xml	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/25635	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/25534	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/1994	vdb-entryx_refsource_VUPEN
	http://www.redhat.com/support/errata/RHSA-2007-04…	vendor-advisoryx_refsource_REDHAT
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://secunia.com/advisories/25533	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1018156	vdb-entryx_refsource_SECTRACK
	http://www.debian.org/security/2007/dsa-1306	vendor-advisoryx_refsource_DEBIAN
	https://issues.rpath.com/browse/RPL-1424	x_refsource_CONFIRM
	http://secunia.com/advisories/25858	third-party-advisoryx_refsource_SECUNIA
	http://www.ubuntu.com/usn/usn-468-1	vendor-advisoryx_refsource_UBUNTU
	http://www.redhat.com/support/errata/RHSA-2007-04…	vendor-advisoryx_refsource_REDHAT
	http://osvdb.org/35137	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/25476	third-party-advisoryx_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://www.securityfocus.com/bid/24242	vdb-entryx_refsource_BID
	http://secunia.com/advisories/25750	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2007/dsa-1300	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/25559	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/25490	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/25488	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-04…	vendor-advisoryx_refsource_REDHAT
	http://www.us-cert.gov/cas/techalerts/TA07-151A.html	third-party-advisoryx_refsource_CERT
	http://secunia.com/advisories/25685	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:57:53.899Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-17.html"
          },
          {
            "name": "1018155",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018155"
          },
          {
            "name": "oval:org.mitre.oval:def:11433",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11433"
          },
          {
            "name": "DSA-1308",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1308"
          },
          {
            "name": "mozilla-xulpopups-spoofing(34606)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34606"
          },
          {
            "name": "MDKSA-2007:120",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:120"
          },
          {
            "name": "20070531 FLEA-2007-0023-1: firefox",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
          },
          {
            "name": "25647",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25647"
          },
          {
            "name": "25469",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25469"
          },
          {
            "name": "HPSBUX02153",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
          },
          {
            "name": "SUSE-SA:2007:036",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
          },
          {
            "name": "25491",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25491"
          },
          {
            "name": "GLSA-200706-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
          },
          {
            "name": "25635",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25635"
          },
          {
            "name": "25534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25534"
          },
          {
            "name": "ADV-2007-1994",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1994"
          },
          {
            "name": "RHSA-2007:0400",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0400.html"
          },
          {
            "name": "SSA:2007-152-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.571857"
          },
          {
            "name": "25533",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25533"
          },
          {
            "name": "1018156",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018156"
          },
          {
            "name": "DSA-1306",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1306"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1424"
          },
          {
            "name": "25858",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25858"
          },
          {
            "name": "USN-468-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-468-1"
          },
          {
            "name": "RHSA-2007:0401",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
          },
          {
            "name": "35137",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/35137"
          },
          {
            "name": "25476",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25476"
          },
          {
            "name": "MDKSA-2007:126",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:126"
          },
          {
            "name": "SSRT061181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
          },
          {
            "name": "24242",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24242"
          },
          {
            "name": "25750",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25750"
          },
          {
            "name": "DSA-1300",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1300"
          },
          {
            "name": "25559",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25559"
          },
          {
            "name": "25490",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25490"
          },
          {
            "name": "25488",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25488"
          },
          {
            "name": "RHSA-2007:0402",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
          },
          {
            "name": "TA07-151A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
          },
          {
            "name": "25685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25685"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-30T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser\u0027s content pane.  NOTE: this issue can be leveraged for phishing and other attacks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T18:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-17.html"
        },
        {
          "name": "1018155",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018155"
        },
        {
          "name": "oval:org.mitre.oval:def:11433",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11433"
        },
        {
          "name": "DSA-1308",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1308"
        },
        {
          "name": "mozilla-xulpopups-spoofing(34606)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34606"
        },
        {
          "name": "MDKSA-2007:120",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:120"
        },
        {
          "name": "20070531 FLEA-2007-0023-1: firefox",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
        },
        {
          "name": "25647",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25647"
        },
        {
          "name": "25469",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25469"
        },
        {
          "name": "HPSBUX02153",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
        },
        {
          "name": "SUSE-SA:2007:036",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
        },
        {
          "name": "25491",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25491"
        },
        {
          "name": "GLSA-200706-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
        },
        {
          "name": "25635",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25635"
        },
        {
          "name": "25534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25534"
        },
        {
          "name": "ADV-2007-1994",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1994"
        },
        {
          "name": "RHSA-2007:0400",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0400.html"
        },
        {
          "name": "SSA:2007-152-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.571857"
        },
        {
          "name": "25533",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25533"
        },
        {
          "name": "1018156",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018156"
        },
        {
          "name": "DSA-1306",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1306"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1424"
        },
        {
          "name": "25858",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25858"
        },
        {
          "name": "USN-468-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-468-1"
        },
        {
          "name": "RHSA-2007:0401",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
        },
        {
          "name": "35137",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/35137"
        },
        {
          "name": "25476",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25476"
        },
        {
          "name": "MDKSA-2007:126",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:126"
        },
        {
          "name": "SSRT061181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
        },
        {
          "name": "24242",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24242"
        },
        {
          "name": "25750",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25750"
        },
        {
          "name": "DSA-1300",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1300"
        },
        {
          "name": "25559",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25559"
        },
        {
          "name": "25490",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25490"
        },
        {
          "name": "25488",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25488"
        },
        {
          "name": "RHSA-2007:0402",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
        },
        {
          "name": "TA07-151A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
        },
        {
          "name": "25685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25685"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-2871",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser\u0027s content pane.  NOTE: this issue can be leveraged for phishing and other attacks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-17.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-17.html"
            },
            {
              "name": "1018155",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018155"
            },
            {
              "name": "oval:org.mitre.oval:def:11433",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11433"
            },
            {
              "name": "DSA-1308",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1308"
            },
            {
              "name": "mozilla-xulpopups-spoofing(34606)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34606"
            },
            {
              "name": "MDKSA-2007:120",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:120"
            },
            {
              "name": "20070531 FLEA-2007-0023-1: firefox",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
            },
            {
              "name": "25647",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25647"
            },
            {
              "name": "25469",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25469"
            },
            {
              "name": "HPSBUX02153",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
            },
            {
              "name": "SUSE-SA:2007:036",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
            },
            {
              "name": "25491",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25491"
            },
            {
              "name": "GLSA-200706-06",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
            },
            {
              "name": "25635",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25635"
            },
            {
              "name": "25534",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25534"
            },
            {
              "name": "ADV-2007-1994",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1994"
            },
            {
              "name": "RHSA-2007:0400",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0400.html"
            },
            {
              "name": "SSA:2007-152-02",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.571857"
            },
            {
              "name": "25533",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25533"
            },
            {
              "name": "1018156",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018156"
            },
            {
              "name": "DSA-1306",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1306"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1424",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1424"
            },
            {
              "name": "25858",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25858"
            },
            {
              "name": "USN-468-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-468-1"
            },
            {
              "name": "RHSA-2007:0401",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
            },
            {
              "name": "35137",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/35137"
            },
            {
              "name": "25476",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25476"
            },
            {
              "name": "MDKSA-2007:126",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:126"
            },
            {
              "name": "SSRT061181",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
            },
            {
              "name": "24242",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24242"
            },
            {
              "name": "25750",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25750"
            },
            {
              "name": "DSA-1300",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1300"
            },
            {
              "name": "25559",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25559"
            },
            {
              "name": "25490",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25490"
            },
            {
              "name": "25488",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25488"
            },
            {
              "name": "RHSA-2007:0402",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
            },
            {
              "name": "TA07-151A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
            },
            {
              "name": "25685",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25685"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-2871",
    "datePublished": "2007-06-01T04:00:00.000Z",
    "dateReserved": "2007-05-29T04:00:00.000Z",
    "dateUpdated": "2024-08-07T13:57:53.899Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GSD-2007-2871

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-2871

Aliases

CVE-2007-2871

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-2871",
    "description": "Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser\u0027s content pane.  NOTE: this issue can be leveraged for phishing and other attacks.",
    "id": "GSD-2007-2871",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-2871.html",
      "https://www.debian.org/security/2007/dsa-1308",
      "https://www.debian.org/security/2007/dsa-1306",
      "https://www.debian.org/security/2007/dsa-1300",
      "https://access.redhat.com/errata/RHSA-2007:0402",
      "https://access.redhat.com/errata/RHSA-2007:0401",
      "https://access.redhat.com/errata/RHSA-2007:0400",
      "https://linux.oracle.com/cve/CVE-2007-2871.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-2871"
      ],
      "details": "Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser\u0027s content pane.  NOTE: this issue can be leveraged for phishing and other attacks.",
      "id": "GSD-2007-2871",
      "modified": "2023-12-13T01:21:37.569758Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2007-2871",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser\u0027s content pane.  NOTE: this issue can be leveraged for phishing and other attacks."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-17.html",
            "refsource": "CONFIRM",
            "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-17.html"
          },
          {
            "name": "1018155",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1018155"
          },
          {
            "name": "oval:org.mitre.oval:def:11433",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11433"
          },
          {
            "name": "DSA-1308",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2007/dsa-1308"
          },
          {
            "name": "mozilla-xulpopups-spoofing(34606)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34606"
          },
          {
            "name": "MDKSA-2007:120",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:120"
          },
          {
            "name": "20070531 FLEA-2007-0023-1: firefox",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
          },
          {
            "name": "25647",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25647"
          },
          {
            "name": "25469",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25469"
          },
          {
            "name": "HPSBUX02153",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
          },
          {
            "name": "SUSE-SA:2007:036",
            "refsource": "SUSE",
            "url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
          },
          {
            "name": "25491",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25491"
          },
          {
            "name": "GLSA-200706-06",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
          },
          {
            "name": "25635",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25635"
          },
          {
            "name": "25534",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25534"
          },
          {
            "name": "ADV-2007-1994",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/1994"
          },
          {
            "name": "RHSA-2007:0400",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0400.html"
          },
          {
            "name": "SSA:2007-152-02",
            "refsource": "SLACKWARE",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.571857"
          },
          {
            "name": "25533",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25533"
          },
          {
            "name": "1018156",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1018156"
          },
          {
            "name": "DSA-1306",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2007/dsa-1306"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-1424",
            "refsource": "CONFIRM",
            "url": "https://issues.rpath.com/browse/RPL-1424"
          },
          {
            "name": "25858",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25858"
          },
          {
            "name": "USN-468-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/usn-468-1"
          },
          {
            "name": "RHSA-2007:0401",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
          },
          {
            "name": "35137",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/35137"
          },
          {
            "name": "25476",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25476"
          },
          {
            "name": "MDKSA-2007:126",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:126"
          },
          {
            "name": "SSRT061181",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
          },
          {
            "name": "24242",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/24242"
          },
          {
            "name": "25750",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25750"
          },
          {
            "name": "DSA-1300",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2007/dsa-1300"
          },
          {
            "name": "25559",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25559"
          },
          {
            "name": "25490",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25490"
          },
          {
            "name": "25488",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25488"
          },
          {
            "name": "RHSA-2007:0402",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
          },
          {
            "name": "TA07-151A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
          },
          {
            "name": "25685",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25685"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-2871"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser\u0027s content pane.  NOTE: this issue can be leveraged for phishing and other attacks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-17.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-17.html"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1424",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.rpath.com/browse/RPL-1424"
            },
            {
              "name": "DSA-1300",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2007/dsa-1300"
            },
            {
              "name": "DSA-1306",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2007/dsa-1306"
            },
            {
              "name": "DSA-1308",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2007/dsa-1308"
            },
            {
              "name": "GLSA-200706-06",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
            },
            {
              "name": "MDKSA-2007:120",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:120"
            },
            {
              "name": "MDKSA-2007:126",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:126"
            },
            {
              "name": "RHSA-2007:0400",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0400.html"
            },
            {
              "name": "RHSA-2007:0401",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
            },
            {
              "name": "RHSA-2007:0402",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
            },
            {
              "name": "SSA:2007-152-02",
              "refsource": "SLACKWARE",
              "tags": [],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.571857"
            },
            {
              "name": "SUSE-SA:2007:036",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
            },
            {
              "name": "USN-468-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-468-1"
            },
            {
              "name": "TA07-151A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
            },
            {
              "name": "24242",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/24242"
            },
            {
              "name": "1018155",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1018155"
            },
            {
              "name": "1018156",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1018156"
            },
            {
              "name": "25476",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25476"
            },
            {
              "name": "25533",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25533"
            },
            {
              "name": "25559",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25559"
            },
            {
              "name": "25635",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25635"
            },
            {
              "name": "25647",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25647"
            },
            {
              "name": "25685",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25685"
            },
            {
              "name": "25534",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25534"
            },
            {
              "name": "25469",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25469"
            },
            {
              "name": "25488",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25488"
            },
            {
              "name": "25490",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25490"
            },
            {
              "name": "25491",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25491"
            },
            {
              "name": "25750",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25750"
            },
            {
              "name": "25858",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25858"
            },
            {
              "name": "HPSBUX02153",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
            },
            {
              "name": "ADV-2007-1994",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/1994"
            },
            {
              "name": "35137",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/35137"
            },
            {
              "name": "mozilla-xulpopups-spoofing(34606)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34606"
            },
            {
              "name": "oval:org.mitre.oval:def:11433",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11433"
            },
            {
              "name": "20070531 FLEA-2007-0023-1: firefox",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-16T16:46Z",
      "publishedDate": "2007-06-01T00:30Z"
    }
  }
}

GHSA-RH8F-RV8H-M4GM

Vulnerability from github – Published: 2022-05-01 18:08 – Updated: 2022-05-01 18:08

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-2871"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-06-01T00:30:00Z",
    "severity": "MODERATE"
  },
  "details": "Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser\u0027s content pane.  NOTE: this issue can be leveraged for phishing and other attacks.",
  "id": "GHSA-rh8f-rv8h-m4gm",
  "modified": "2022-05-01T18:08:05Z",
  "published": "2022-05-01T18:08:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2871"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34606"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1424"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11433"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/35137"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25469"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25476"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25488"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25490"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25491"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25533"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25534"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25559"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25635"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25647"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25685"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25750"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25858"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.571857"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2007/dsa-1300"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2007/dsa-1306"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2007/dsa-1308"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:120"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:126"
    },
    {
      "type": "WEB",
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-17.html"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0400.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/24242"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1018155"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1018156"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-468-1"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/1994"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2007-AVI-245

Vulnerability from certfr_avis - Published: 2007-06-01 - Updated: 2007-06-01

None

Description

De nombreuses vulnérabilités dans les produits Mozilla permettent à un utilisateur distant malintentionné de provoquer un déni de service, d'exécuter du code arbitraire ou de porter atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Mozilla	Firefox	Mozilla Firefox 2.x ;
Mozilla	Thunderbird	Mozilla Thunderbird 2.x ;
Mozilla	Firefox	Mozilla Firefox 1.5.x ;
Mozilla	Thunderbird	Mozilla Thunderbird 1.5.x ;
Mozilla	N/A	Mozilla SeaMonkey 1.x.

References

Title

Publication Time

FKIE_CVE-2007-2871

Vulnerability from fkie_nvd - Published: 2007-06-01 00:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
secalert@redhat.com	http://osvdb.org/35137
secalert@redhat.com	http://secunia.com/advisories/25469
secalert@redhat.com	http://secunia.com/advisories/25476
secalert@redhat.com	http://secunia.com/advisories/25488
secalert@redhat.com	http://secunia.com/advisories/25490
secalert@redhat.com	http://secunia.com/advisories/25491
secalert@redhat.com	http://secunia.com/advisories/25533
secalert@redhat.com	http://secunia.com/advisories/25534
secalert@redhat.com	http://secunia.com/advisories/25559
secalert@redhat.com	http://secunia.com/advisories/25635
secalert@redhat.com	http://secunia.com/advisories/25647
secalert@redhat.com	http://secunia.com/advisories/25685
secalert@redhat.com	http://secunia.com/advisories/25750
secalert@redhat.com	http://secunia.com/advisories/25858
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200706-06.xml
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1300
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1306
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1308
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:120
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:126
secalert@redhat.com	http://www.mozilla.org/security/announce/2007/mfsa2007-17.html	Vendor Advisory
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_36_mozilla.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0400.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0401.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0402.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/470172/100/200/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/24242
secalert@redhat.com	http://www.securitytracker.com/id?1018155
secalert@redhat.com	http://www.securitytracker.com/id?1018156
secalert@redhat.com	http://www.ubuntu.com/usn/usn-468-1
secalert@redhat.com	http://www.us-cert.gov/cas/techalerts/TA07-151A.html	US Government Resource
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/1994
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/34606
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1424
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11433
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/35137
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25469
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25476
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25488
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25490
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25491
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25533
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25534
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25559
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25635
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25647
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25685
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25750
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25858
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200706-06.xml
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1300
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1306
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1308
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:120
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:126
af854a3a-2127-422b-91ae-364da2661108	http://www.mozilla.org/security/announce/2007/mfsa2007-17.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_36_mozilla.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0400.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0401.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0402.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/470172/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24242
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018155
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018156
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-468-1
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-151A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1994
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/34606
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1424
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11433

Impacted products

Vendor	Product	Version
mozilla	firefox	1.5
mozilla	firefox	1.5.0.1
mozilla	firefox	1.5.0.2
mozilla	firefox	1.5.0.3
mozilla	firefox	1.5.0.4
mozilla	firefox	1.5.0.5
mozilla	firefox	1.5.0.6
mozilla	firefox	1.5.0.7
mozilla	firefox	1.5.0.8
mozilla	firefox	1.5.0.9
mozilla	firefox	1.5.0.10
mozilla	firefox	1.5.0.11
mozilla	firefox	2.0
mozilla	firefox	2.0.0.1
mozilla	firefox	2.0.0.2
mozilla	firefox	2.0.0.3
mozilla	seamonkey	1.0.9
mozilla	seamonkey	1.1.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "84D15CE0-69DF-4EFD-801E-96A4D6AABEDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE203DE-6C0E-4FDE-9C3A-0E73430F17DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2F38886-C25A-4C6B-93E7-36461405BA99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C65D2670-F37F-48CB-804A-D35BB1C27D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8E5194-7B34-4802-BDA6-6A86EB5EDE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FABA5F56-99F7-4F8F-9CC1-5B0B2EB72922",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2917BD67-CE81-4B94-B241-D4A9DDA60319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "A524A94E-F19B-42B9-AA8E-171751C339AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F71436CF-F756-44E0-8E69-6951F6B3E54A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "582EE839-B83F-4908-9780-D0C92DC44FD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3487FA64-BE04-42CA-861E-3DAC097D7D32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D956DC-C73B-439F-8D79-8239207CC76F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E2C7E7-56C0-466C-BB08-5EB43922C4F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "462E135A-5616-46CC-A9C0-5A7A0526ACC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "022274DE-5251-49C9-B6E5-1D8CEDC34E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E01097-F60A-4FB2-BA47-84A267EE87D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser\u0027s content pane.  NOTE: this issue can be leveraged for phishing and other attacks."
    },
    {
      "lang": "es",
      "value": "El Mozilla Firefox 1.5.x anterior al 1.5.0.12 y el 2.x anterior al 2.0.0.4 y el SeaMonkey 1.0.9 y 1.1.2, permiten a atacantes remotos simular o esconder el \"browser chrome\", como el de la barra de ubicaci\u00f3n, mediante la colocaci\u00f3n de popups XUL fuera de la ventana que contiene el buscador. NOTA: Esta vulnerabilidad se puede utilizar para ataques de phishing y otros tipos."
    }
  ],
  "id": "CVE-2007-2871",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-06-01T00:30:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://osvdb.org/35137"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25469"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25476"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25488"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25490"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25491"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25533"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25534"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25559"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25635"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25647"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25685"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25750"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25858"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.571857"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1300"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1306"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1308"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:120"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:126"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-17.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0400.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/24242"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1018155"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1018156"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-468-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/1994"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34606"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1424"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11433"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/35137"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25469"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25476"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25488"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25491"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25533"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25559"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25635"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25647"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25750"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.571857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1306"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1308"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:120"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-17.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0400.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24242"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018156"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-468-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1994"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34606"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1424"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11433"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-2871 (GCVE-0-2007-2871)

GSD-2007-2871

GHSA-RH8F-RV8H-M4GM

CERTA-2007-AVI-245

Description

Solution

FKIE_CVE-2007-2871

Tags

Sightings

Nomenclature