Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-0994

Опубликовано: 06 мар. 2007
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Версия от 1.5 (включая) до 1.5.0.10 (исключая)
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Версия от 2.0 (включая) до 2.0.0.2 (исключая)
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Версия от 1.0 (включая) до 1.0.8 (исключая)
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Версия от 1.1 (включая) до 1.1.1 (исключая)
Конфигурация 2
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 85%
0.02501
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

ubuntu логотип

CVE-2007-0994

ubuntu
больше 18 лет назад

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.

redhat логотип

CVE-2007-0994

redhat
больше 18 лет назад

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.

debian логотип

CVE-2007-0994

debian
больше 18 лет назад

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x befor ...

github логотип

GHSA-qp4j-3v3v-gvgq

github
больше 3 лет назад

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.

EPSS

Процентиль: 85%
0.02501
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-94