CVSS: 4.3EPSS: 0%CPEs: 38EXPL: 0CVE-2008-0593 – Mozilla URL token stealing flaw
https://notcve.org/view.php?id=CVE-2008-0593
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems. Los navegadores basados en Gecko, incluyendo Mozilla Firefox versiones anteriores a 2.0.0.12 y SeaMonkey versiones anteriores a 1.1.8, modifican la propiedad .href de los nodos DOM de la hoja de estilo al URI final de un redireccionamiento 302, que podría permitir a los atacantes remotos omitir la Política del Mismo Origen y leer información confidencial de la dirección URL original, como con los sistemas de Single-Signon. • http://browser.netscape.com/releasenotes http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.html http://secunia.com/advisories/28754 http://secunia.com/advisories/28758 http://secunia.com/advisories/28766 http://secunia.com/advisories/28815 http://secunia.com/advisories/28818 http://secunia.com/advisories/28839 http://secunia.com/advisories/28864 http://secunia.com/advisories/28865 http://secunia.com/advisories/28877 http://secunia.com/advisories/28879 http:/& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 0CVE-2007-6589
https://notcve.org/view.php?id=CVE-2007-6589
The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 does not update the origin domain when retrieving the inner URL parameter yields an HTTP redirect, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a jar: URI, a different vulnerability than CVE-2007-5947. El manejador de protocolo jar de Mozilla Firefox anterior a 2.0.0.10 y SeaMonkey anterior a 1.1.7 no actualiza el dominio de origen cuando la recuperación del parámetro URL interno da lugar a una redirección HTTP, lo cual permite a atacantes remotos llevar a cabo ataques de secuencias de comandos en sitios cruzados (XSS) mediante un URI jar:, una vulnerabilidad diferente de CVE-2007-5947. • http://blog.beford.org/?p=8 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://osvdb.org/43477 http://www.mozilla.org/security/announce/2007/mfsa2007-37.html http://www.vupen.com/english/advisories/2008/0083 https://bugzilla.mozilla.org/show_bug.cgi?id=369814 https://bugzilla.mozilla.org/show_bug.cgi?id=403331 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6033 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 1%CPEs: 52EXPL: 0CVE-2007-5960 – Mozilla Cross-site Request Forgery flaw
https://notcve.org/view.php?id=CVE-2007-5960
Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer headers and bypass Referer-based CSRF protection schemes by setting window.location and using a modal alert dialog that causes the wrong Referer to be sent. Mozilla Firefox versiones anteriores a 2.0.0.10 y SeaMonkey versiones anteriores a 1.1.7, establece el encabezado Referer en la ventana o trama en la que se ejecuta el script, en lugar de la dirección del contenido que inició el script, lo que permite a atacantes remotos suplantar encabezados Referer HTTP y omitir Esquemas de protección CSRF basados ??en Referer mediante la configuración de window.location y utilizando un cuadro de diálogo de alerta modal que causa que el Referer incorrecto se envíe. • http://browser.netscape.com/releasenotes http://bugs.gentoo.org/show_bug.cgi?id=198965 http://bugs.gentoo.org/show_bug.cgi?id=200909 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00004.html http://secunia.com/advisories/27725 http://secunia.com/advisories/27793 http://secunia.com/advisories/27796 http://secunia.com/advisories/27797 http://secunia.com/advisories/27800 http://secunia. • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.3EPSS: 95%CPEs: 66EXPL: 0CVE-2007-5959 – Multiple flaws in Firefox
https://notcve.org/view.php?id=CVE-2007-5959
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger memory corruption. Múltiples vulnerabilidades no especificadas en Mozilla Firefox versiones anteriores a 2.0.0.10 y SeaMonkey versiones anteriores a 1.1.7 permiten a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante vectores desconocidos que disparan corrupción de memoria. • http://browser.netscape.com/releasenotes http://bugs.gentoo.org/show_bug.cgi?id=198965 http://bugs.gentoo.org/show_bug.cgi?id=200909 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00004.html http://secunia.com/advisories/27725 http://secunia.com/advisories/27793 http://secunia.com/advisories/27796 http://secunia.com/advisories/27797 http://secunia.com/advisories/27800 http://secunia. •
CVSS: 4.3EPSS: 5%CPEs: 15EXPL: 0CVE-2007-5947 – jar: protocol XSS
https://notcve.org/view.php?id=CVE-2007-5947
The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have the same origin as the inner URL, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a jar: URI. El manejador del protocolo jar en Mozilla Firefox versiones anteriores a 2.0.0.10 y SeaMonkey versiones anteriores a 1.1.7, recupera la URL interna independientemente de su tipo MIME, y considera que los documentos HTML dentro de un archivo jar tienen el mismo origen que la URL interna, lo que permite a atacantes remotos conducir ataques de tipo cross-site scripting (XSS) por medio de un URI jar:. • http://browser.netscape.com/releasenotes http://bugs.gentoo.org/show_bug.cgi?id=198965 http://bugs.gentoo.org/show_bug.cgi?id=200909 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00004.html http://secunia.com/advisories/27605 http://secunia.com/advisories/27793 http://secunia.com/advisories/27796 http://secunia.com/advisories/27797 http://secunia.com/advisories/27800 http://secunia. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •