← volver
CVE-2007-0994

CVE-2007-0994

EPSS 3.2%
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.ascftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.aschttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.htmlhttp://secunia.com/advisories/24384http://secunia.com/advisories/24395http://secunia.com/advisories/24455http://secunia.com/advisories/24457http://secunia.com/advisories/24650http://secunia.com/advisories/25588http://securitytracker.com/id?1017726