Lucene search
Mozilla FoundationMFSA2007-33HistoryOct 18, 2007 - 12:00 a.m.
XUL pages can hide the window titlebar — Mozilla
2007-10-1800:00:00
Mozilla Foundation
www.mozilla.org
13
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.004
Percentile
72.3%
Mozilla developer Eli Friedman discovered that web pages written in the XUL markup language (rather than the usual HTML) can hide their window’s titlebar. It may have been possible to abuse this ablity to create more convincing spoof and phishing pages.
Affected configurations
Node
mozillafirefoxRange<2.0.0.8
ORmozillaseamonkeyRange<1.1.5
Related
cert
cert
Mozilla XUL web applications may hide the titlebar
2007-10-19 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2007-33
2007-10-23 00:00:00
Mozilla Firefox /Thunderbird / Seamonkey multiple security vulnerabilities
2007-10-23 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:20:21
cvelist
cvelist
CVE-2007-5334
2007-10-21 20:00:00
ubuntucve
ubuntucve
CVE-2007-5334
2007-10-21 00:00:00
nvd
nvd
CVE-2007-5334
2007-10-21 20:17:00
cve
cve
CVE-2007-5334
2007-10-21 20:17:00
prion
prion
Design/Logic Flaw
2007-10-21 20:17:00
freebsd
freebsd
firefox -- OnUnload Javascript browser entrapment vulnerability
2007-10-19 00:00:00
nessus
nessus
seebug
seebug
Mozilla Firefox 2.0.0.7多个远程安全漏洞
2007-10-23 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200711-14 (firefox seamonkey xulrunner)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200711-14 (firefox seamonkey xulrunner)
2008-09-24 00:00:00
Fedora Update for thunderbird FEDORA-2007-3414
2009-02-27 00:00:00
gentoo
gentoo
Mozilla Firefox, SeaMonkey, XULRunner: Multiple vulnerabilities
2007-11-12 00:00:00
redhat
redhat
(RHSA-2007:0980) Critical: seamonkey security update
2007-10-19 00:00:00
(RHSA-2007:0981) Moderate: thunderbird security update
2007-10-19 00:00:00
(RHSA-2007:0979) Critical: firefox security update
2007-10-19 00:00:00
centos
centos
seamonkey security update
2007-10-19 22:39:36
seamonkey security update
2007-10-22 02:25:42
firefox security update
2007-10-20 18:08:04
debian
debian
[SECURITY] [DSA 1392-1] New xulrunner packages fix several vulnerabilities
2007-10-20 11:56:10
[SECURITY] [DSA 1401-1] New iceape packages fix several vulnerabilities
2007-11-05 23:44:32
[SECURITY] [DSA 1396-1] New iceweasel packages fix several vulnerabilities
2007-10-27 11:54:56
fedora
fedora
[SECURITY] Fedora 7 Update: thunderbird-2.0.0.9-1.fc7
2007-11-16 00:41:37
[SECURITY] Fedora 8 Update: thunderbird-2.0.0.9-1.fc8
2007-11-16 00:39:02
[SECURITY] Fedora 7 Update: seamonkey-1.1.5-1.fc7
2007-10-24 07:02:38
oraclelinux
oraclelinux
Critical: seamonkey security update
2007-10-20 00:00:00
Critical: firefox security update
2007-10-20 00:00:00
Moderate: thunderbird security update
2007-10-20 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2007-10-23 00:00:00
Firefox vulnerabilities
2007-10-22 00:00:00
osv
osv
xulrunner - several vulnerabilities
2007-10-20 00:00:00
iceape - several vulnerabilities
2007-11-05 00:00:00
iceweasel
2007-10-27 00:00:00
suse
suse
remote code execution in MozillaFirefox,mozilla,seamonkey
2007-10-25 18:13:14
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.004
Percentile
72.3%
Related for MFSA2007-33