GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor.
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
fedoranews.org/cms/node/2713
fedoranews.org/cms/node/2728
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
osvdb.org/32109
rhn.redhat.com/errata/RHSA-2007-0077.html
secunia.com/advisories/24205
secunia.com/advisories/24238
secunia.com/advisories/24287
secunia.com/advisories/24290
secunia.com/advisories/24293
secunia.com/advisories/24320
secunia.com/advisories/24328
secunia.com/advisories/24333
secunia.com/advisories/24342
secunia.com/advisories/24343
secunia.com/advisories/24384
secunia.com/advisories/24393
secunia.com/advisories/24395
secunia.com/advisories/24437
secunia.com/advisories/24455
secunia.com/advisories/24457
secunia.com/advisories/24650
security.gentoo.org/glsa/glsa-200703-04.xml
slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
www.gentoo.org/security/en/glsa/glsa-200703-08.xml
www.mandriva.com/security/advisories?name=MDKSA-2007:050
www.mozilla.org/security/announce/2007/mfsa2007-04.html
www.novell.com/linux/security/advisories/2007_22_mozilla.html
www.redhat.com/support/errata/RHSA-2007-0078.html
www.redhat.com/support/errata/RHSA-2007-0079.html
www.redhat.com/support/errata/RHSA-2007-0097.html
www.redhat.com/support/errata/RHSA-2007-0108.html
www.securityfocus.com/archive/1/461336/100/0/threaded
www.securityfocus.com/archive/1/461809/100/0/threaded
www.securityfocus.com/bid/22694
www.securitytracker.com/id?1017700
www.ubuntu.com/usn/usn-428-1
www.vupen.com/english/advisories/2007/0718
www.vupen.com/english/advisories/2008/0083
bugzilla.mozilla.org/show_bug.cgi?id=361298
issues.rpath.com/browse/RPL-1081
issues.rpath.com/browse/RPL-1103
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8757