Lucene search

MitreCVELIST:CVE-2007-0981

HistoryFeb 16, 2007 - 1:00 a.m.

CVE-2007-0981

2007-02-1601:00:00

mitre

www.cve.org

AI Score

6.2

Confidence

Low

EPSS

0.97

Percentile

99.8%

JSON

Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.

References

ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc

ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc

fedoranews.org/cms/node/2713

fedoranews.org/cms/node/2728

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

lcamtuf.dione.cc/ffhostname.html

lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html

rhn.redhat.com/errata/RHSA-2007-0077.html

secunia.com/advisories/24175

secunia.com/advisories/24205

secunia.com/advisories/24238

secunia.com/advisories/24287

secunia.com/advisories/24290

secunia.com/advisories/24293

secunia.com/advisories/24320

secunia.com/advisories/24328

secunia.com/advisories/24333

secunia.com/advisories/24342

secunia.com/advisories/24343

secunia.com/advisories/24384

secunia.com/advisories/24393

secunia.com/advisories/24395

secunia.com/advisories/24437

secunia.com/advisories/24455

secunia.com/advisories/24457

secunia.com/advisories/24650

secunia.com/advisories/25588

security.gentoo.org/glsa/glsa-200703-04.xml

securityreason.com/securityalert/2262

securitytracker.com/id?1017654

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851

www.debian.org/security/2007/dsa-1336

www.gentoo.org/security/en/glsa/glsa-200703-08.xml

www.kb.cert.org/vuls/id/885753

www.mandriva.com/security/advisories?name=MDKSA-2007:050

www.mozilla.org/security/announce/2007/mfsa2007-07.html

www.novell.com/linux/security/advisories/2007_22_mozilla.html

www.osvdb.org/32104

www.redhat.com/support/errata/RHSA-2007-0078.html

www.redhat.com/support/errata/RHSA-2007-0079.html

www.redhat.com/support/errata/RHSA-2007-0097.html

www.redhat.com/support/errata/RHSA-2007-0108.html

www.securityfocus.com/archive/1/460126/100/200/threaded

www.securityfocus.com/archive/1/460217/100/0/threaded

www.securityfocus.com/archive/1/461336/100/0/threaded

www.securityfocus.com/archive/1/461809/100/0/threaded

www.securityfocus.com/bid/22566

www.ubuntu.com/usn/usn-428-1

www.vupen.com/english/advisories/2007/0624

www.vupen.com/english/advisories/2007/0718

www.vupen.com/english/advisories/2008/0083

bugzilla.mozilla.org/show_bug.cgi?id=370445

exchange.xforce.ibmcloud.com/vulnerabilities/32533

issues.rpath.com/browse/RPL-1081

issues.rpath.com/browse/RPL-1103

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9730