← back
CVE-2007-3736

CVE-2007-3736

EPSS 1.3%
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txtftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.aschttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742http://secunia.com/advisories/25589http://secunia.com/advisories/26072http://secunia.com/advisories/26095http://secunia.com/advisories/26103http://secunia.com/advisories/26106http://secunia.com/advisories/26107http://secunia.com/advisories/26149http://secunia.com/advisories/26151http://secunia.com/advisories/26159