Lucene search
Mozilla FoundationMFSA2007-19HistoryJul 17, 2007 - 12:00 a.m.
XSS using addEventListener and setTimeout — Mozilla
2007-07-1700:00:00
Mozilla Foundation
www.mozilla.org
16
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.491
Percentile
97.5%
Mozilla contributor moz_bug_r_a4 demonstrated that the methods addEventListener and setTimeout could be used to inject script into another site in violation of the browser’s same-origin policy. This could be used to access or modify private or valuable information from that other site.
Affected configurations
Node
mozillafirefoxRange<2.0.0.5
ORmozillaseamonkeyRange<1.1.3
Related
cvelist
cvelist
CVE-2007-3736
2007-07-18 17:00:00
CVE-2010-0171
2010-03-25 20:31:00
ubuntucve
ubuntucve
CVE-2007-3736
2007-07-18 00:00:00
CVE-2010-0171
2010-03-25 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2007-19
2007-07-19 00:00:00
Mozilla Firefox, Thunderbird, Seamonkey multiple securityvulnerabilities
2007-07-19 00:00:00
cve
cve
CVE-2007-3736
2007-07-18 17:30:00
CVE-2010-0171
2010-03-25 21:00:00
nvd
nvd
CVE-2007-3736
2007-07-18 17:30:00
CVE-2010-0171
2010-03-25 21:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-10 00:17:16
prion
prion
Cross site scripting
2007-07-18 17:30:00
Cross site scripting
2010-03-25 21:00:00
seebug
seebug
Mozilla Firefox 2.0.0.4多个远程安全漏洞
2007-07-19 00:00:00
nessus
nessus
Fedora Core 6 : thunderbird-1.5.0.12-2.fc6 (2007-641)
2007-07-23 00:00:00
CentOS 4 / 5 : thunderbird (CESA-2007:0723)
2007-07-23 00:00:00
Oracle Linux 4 : thunderbird (ELSA-2007-0723)
2013-07-12 00:00:00
openvas
openvas
Fedora Update for thunderbird FEDORA-2007-1180
2009-02-27 00:00:00
Fedora Update for thunderbird FEDORA-2007-641
2009-02-27 00:00:00
Fedora Update for thunderbird FEDORA-2007-641
2009-02-27 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: thunderbird-2.0.0.5-1.fc7
2007-07-20 19:32:33
[SECURITY] Fedora Core 6 Update: thunderbird-1.5.0.12-2.fc6
2007-07-20 16:21:25
[SECURITY] Fedora 7 Update: firefox-2.0.0.5-1.fc7
2007-07-18 20:56:30
redhat
redhat
(RHSA-2007:0723) Moderate: thunderbird security update
2007-07-18 00:00:00
(RHSA-2007:0724) Critical: firefox security update
2007-07-18 00:00:00
(RHSA-2007:0722) Critical: seamonkey security update
2007-07-18 00:00:00
oraclelinux
oraclelinux
Moderate: thunderbird security update
2007-07-19 00:00:00
Critical: seamonkey security update
2007-07-19 00:00:00
Critical: firefox security update
2007-07-19 00:00:00
centos
centos
thunderbird security update
2007-07-19 19:16:54
seamonkey security update
2007-07-20 05:54:56
seamonkey security update
2007-07-19 11:53:21
osv
osv
debian
debian
[SECURITY] [DSA 1339-1] New iceape packages fix several vulnerabilities
2007-07-24 00:00:33
[SECURITY] [DSA 1338-1] New iceweasel packages fix several vulnerabilities
2007-07-23 17:27:52
[SECURITY] [DSA 1337-1] New xulrunner packages fix several vulnerabilities
2007-07-22 19:19:22
gentoo
gentoo
Mozilla products: Multiple vulnerabilities
2007-08-14 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2007-07-20 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2007-08-02 16:31:06
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.491
Percentile
97.5%
Related for MFSA2007-19