Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-0994

Опубликовано: 06 мар. 2007
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Версия от 1.5 (включая) до 1.5.0.10 (исключая)
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Версия от 2.0 (включая) до 2.0.0.2 (исключая)
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Версия от 1.0 (включая) до 1.0.8 (исключая)
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Версия от 1.1 (включая) до 1.1.1 (исключая)
Конфигурация 2
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 87%
0.0317
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

ubuntu логотип

CVE-2007-0994

ubuntu
около 19 лет назад

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.

redhat логотип

CVE-2007-0994

redhat
около 19 лет назад

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.

debian логотип

CVE-2007-0994

debian
около 19 лет назад

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x befor ...

github логотип

GHSA-qp4j-3v3v-gvgq

github
почти 4 года назад

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.

EPSS

Процентиль: 87%
0.0317
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-94