Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2007-3089
HistoryJun 06, 2007 - 12:00 a.m.

CVE-2007-3089

2007-06-0600:00:00
ubuntu.com
ubuntu.com
17

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.947

Percentile

99.3%

JSON

Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to
replace an IFRAME (1) during the load stage or (2) in the case of an
about:blank frame, which allows remote attackers to display arbitrary HTML
or execute certain JavaScript code, as demonstrated by code that intercepts
keystroke values from window.event, aka the “promiscuous IFRAME access
bug,” a related issue to CVE-2006-4568.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchfirefox< 1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1UNKNOWN
ubuntu6.10noarchfirefox< 2.0.0.6+0dfsg-0ubuntu0.6.10UNKNOWN
ubuntu7.04noarchfirefox< 2.0.0.6+1-0ubuntu1UNKNOWN

Related

cve 3
prion 2
cvelist 3
nvd 3
mozilla 2
debiancve 1
veracode 2
ubuntucve 2
securityvulns 2
seebug 1
cert 3
freebsd 2
openvas 53
nessus 57
debian 6
osv 6
gentoo 3
oraclelinux 5
centos 7
fedora 10
redhat 5
ubuntu 3
suse 3
cve
cve
CVE-2007-3089
2007-06-06 21:30:00
CVE-2006-4568
2006-09-15 19:07:00
CVE-2007-3844
2007-08-08 01:17:00
prion
prion
Code injection
2007-06-06 21:30:00
Cross site scripting
2007-08-08 01:17:00
cvelist
cvelist
CVE-2007-3089
2007-06-06 21:00:00
CVE-2006-4568
2006-09-15 19:00:00
CVE-2007-3844
2007-08-08 01:11:00
nvd
nvd
CVE-2007-3089
2007-06-06 21:30:00
CVE-2006-4568
2006-09-15 19:07:00
CVE-2007-3844
2007-08-08 01:17:00
mozilla
mozilla
Frame spoofing using document.open() — Mozilla
2006-09-14 00:00:00
Frame spoofing while window is loading — Mozilla
2007-07-17 00:00:00
debiancve
debiancve
CVE-2006-4568
2006-09-15 19:07:00
veracode
veracode
Content-Spoofing
2020-04-10 00:13:13
Arbitrary Code Injection
2020-04-10 00:17:15
ubuntucve
ubuntucve
CVE-2006-4568
2006-09-15 00:00:00
CVE-2007-3844
2007-08-08 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2007-20
2007-07-19 00:00:00
Mozilla Firefox, Thunderbird, Seamonkey multiple securityvulnerabilities
2007-07-19 00:00:00
seebug
seebug
Firefox about:blank IFRME帧跨域访问漏洞
2007-07-20 00:00:00
cert
cert
Mozilla Firefox allows cross-domain iframe access via JavaScript
2007-06-08 00:00:00
OpenSSL SSLv2 client code fails to properly check for NULL
2006-09-28 00:00:00
OpenSSL SSL_get_shared_ciphers() vulnerable to buffer overflow
2006-09-28 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2007-07-17 00:00:00
mozilla -- multiple vulnerabilities
2006-09-14 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2008-09-04 00:00:00
FreeBSD Ports: firefox
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200610-04 (seamonkey)
2008-09-24 00:00:00
nessus
nessus
FreeBSD : mozilla -- multiple vulnerabilities (e190ca65-3636-11dc-a697-000c6ec775d9)
2007-07-23 00:00:00
GLSA-200610-04 : SeaMonkey: Multiple vulnerabilities
2006-10-20 00:00:00
Debian DSA-1210-1 : mozilla-firefox - several vulnerabilities
2006-11-20 00:00:00
debian
debian
[SECURITY] [DSA 1210-1] New Mozilla Firefox packages fix several vulnerabilities
2006-11-14 08:02:35
[SECURITY] [DSA 1191-1] New Mozilla Thunderbird packages fix several vulnerabilities
2006-10-05 10:14:30
[SECURITY] [DSA 1192-1] New Mozilla packages fix several vulnerabilities
2006-10-06 12:11:15
osv
osv
mozilla-firefox
2006-11-14 00:00:00
mozilla
2006-10-06 00:00:00
mozilla-thunderbird
2006-10-05 00:00:00
gentoo
gentoo
Seamonkey: Multiple vulnerabilities
2006-10-16 00:00:00
Mozilla Firefox: Multiple vulnerabilities
2006-09-28 00:00:00
Mozilla products: Multiple vulnerabilities
2007-08-14 00:00:00
oraclelinux
oraclelinux
Moderate: thunderbird security update
2007-07-19 00:00:00
Critical seamonkey security update
2006-12-07 00:00:00
Critical: seamonkey security update
2007-07-19 00:00:00
centos
centos
thunderbird security update
2007-07-19 19:16:54
seamonkey security update
2006-09-17 23:20:54
devhelp, seamonkey security update
2006-09-15 14:57:11
fedora
fedora
[SECURITY] Fedora 7 Update: thunderbird-2.0.0.5-1.fc7
2007-07-20 19:32:33
[SECURITY] Fedora Core 6 Update: thunderbird-1.5.0.12-2.fc6
2007-07-20 16:21:25
[SECURITY] Fedora 7 Update: yelp-2.18.1-5.fc7
2007-07-18 20:56:52
redhat
redhat
(RHSA-2007:0723) Moderate: thunderbird security update
2007-07-18 00:00:00
(RHSA-2006:0676) seamonkey security update
2006-09-15 00:00:00
(RHSA-2007:0724) Critical: firefox security update
2007-07-18 00:00:00
ubuntu
ubuntu
firefox vulnerabilities
2006-09-23 00:00:00
Firefox vulnerabilities
2007-07-20 00:00:00
Mozilla vulnerabilities
2006-10-10 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2006-09-22 13:02:47
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2007-08-02 16:31:06
Firefox update to 31.1esr (important)
2014-09-09 18:04:16

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.947

Percentile

99.3%

JSON
Related for UB:CVE-2007-3089
cve3prion2cvelist3nvd3mozilla2debiancve1veracode2ubuntucve2securityvulns2seebug1cert3freebsd2openvas53nessus57debian6osv6gentoo3oraclelinux5centos7fedora10redhat5ubuntu3suse3