Lucene search
Mozilla FoundationMFSA2007-25HistoryJul 17, 2007 - 12:00 a.m.
XPCNativeWrapper pollution — Mozilla
2007-07-1700:00:00
Mozilla Foundation
www.mozilla.org
12
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.709
Percentile
98.1%
Mozilla security researchers shutdown and moz_bug_r_a4 reported two separate ways to modify an XPCNativeWrapper such that subsequent access by the browser would result in executing user-supplied code.
Affected configurations
Node
mozillafirefoxRange<2.0.0.5
ORmozillaseamonkeyRange<1.1.3
Related
ubuntucve
ubuntucve
CVE-2007-3738
2007-07-18 00:00:00
prion
prion
Design/Logic Flaw
2007-07-18 17:30:00
cvelist
cvelist
CVE-2007-3738
2007-07-18 17:00:00
cve
cve
CVE-2007-3738
2007-07-18 17:30:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:17:17
nvd
nvd
CVE-2007-3738
2007-07-18 17:30:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2007-25
2007-07-19 00:00:00
Mozilla Firefox, Thunderbird, Seamonkey multiple securityvulnerabilities
2007-07-19 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2007-07-17 00:00:00
seebug
seebug
Mozilla Firefox 2.0.0.4多个远程安全漏洞
2007-07-19 00:00:00
nessus
nessus
FreeBSD : mozilla -- multiple vulnerabilities (e190ca65-3636-11dc-a697-000c6ec775d9)
2007-07-23 00:00:00
CentOS 4 / 5 : thunderbird (CESA-2007:0723)
2007-07-23 00:00:00
Oracle Linux 4 : thunderbird (ELSA-2007-0723)
2013-07-12 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2008-09-04 00:00:00
FreeBSD Ports: firefox
2008-09-04 00:00:00
Fedora Update for thunderbird FEDORA-2007-1180
2009-02-27 00:00:00
redhat
redhat
(RHSA-2007:0723) Moderate: thunderbird security update
2007-07-18 00:00:00
(RHSA-2007:0724) Critical: firefox security update
2007-07-18 00:00:00
(RHSA-2007:0722) Critical: seamonkey security update
2007-07-18 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: thunderbird-1.5.0.12-2.fc6
2007-07-20 16:21:25
[SECURITY] Fedora 7 Update: thunderbird-2.0.0.5-1.fc7
2007-07-20 19:32:33
[SECURITY] Fedora 7 Update: firefox-2.0.0.5-1.fc7
2007-07-18 20:56:30
oraclelinux
oraclelinux
Moderate: thunderbird security update
2007-07-19 00:00:00
Critical: seamonkey security update
2007-07-19 00:00:00
Critical: firefox security update
2007-07-19 00:00:00
centos
centos
thunderbird security update
2007-07-19 19:16:54
seamonkey security update
2007-07-20 05:54:56
seamonkey security update
2007-07-19 11:53:21
osv
osv
xulrunner
2007-07-22 00:00:00
icedove - several vulnerabilities
2008-05-12 00:00:00
iceape - several
2007-07-23 00:00:00
debian
debian
[SECURITY] [DSA 1574-1] New icedove packages fix several vulnerabilities
2008-05-12 16:09:37
[SECURITY] [DSA 1338-1] New iceweasel packages fix several vulnerabilities
2007-07-23 17:27:52
[SECURITY] [DSA 1339-1] New iceape packages fix several vulnerabilities
2007-07-24 00:00:33
gentoo
gentoo
Mozilla products: Multiple vulnerabilities
2007-08-14 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2007-07-20 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2007-08-02 16:31:06
remote code execution in MozillaFirefox,mozilla,seamonkey
2007-10-25 18:13:14
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.709
Percentile
98.1%
Related for MFSA2007-25