CVE-2007-0994
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.
Un error de regresión en Mozilla Firefox versión 2.x anterior a 2.0.0.2 y versión 1.x anterior a 1.5.0.10, y SeaMonkey versión 1.1 anterior a 1.1.1 y versión 1.0 anterior a 1.0.8, permite a los atacantes remotos ejecutar JavaScript arbitrario como usuario por medio de un mensaje de correo HTML con un javascript: URI en una etiqueta (1) img , (2) enlace o (3) style, que omite las comprobaciones de acceso y ejecuta código con privilegios de chromo.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-02-16 CVE Reserved
- 2007-03-06 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-09-15 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (25)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/24384 | Third Party Advisory | |
| http://secunia.com/advisories/24395 | Third Party Advisory | |
| http://secunia.com/advisories/24455 | Third Party Advisory | |
| http://secunia.com/advisories/24457 | Third Party Advisory | |
| http://secunia.com/advisories/24650 | Third Party Advisory | |
| http://secunia.com/advisories/25588 | Third Party Advisory | |
| http://securitytracker.com/id?1017726 | Third Party Advisory | |
| http://www.securityfocus.com/bid/22826 | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2007/0823 | Third Party Advisory | |
| https://issues.rpath.com/browse/RPL-1103 | Broken Link | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749 | Signature |
| URL | Date | SRC |
|---|---|---|
| http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733 | 2024-08-07 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | >= 1.5 < 1.5.0.10 Search vendor "Mozilla" for product "Firefox" and version " >= 1.5 < 1.5.0.10" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | >= 2.0 < 2.0.0.2 Search vendor "Mozilla" for product "Firefox" and version " >= 2.0 < 2.0.0.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | >= 1.0 < 1.0.8 Search vendor "Mozilla" for product "Seamonkey" and version " >= 1.0 < 1.0.8" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | >= 1.1 < 1.1.1 Search vendor "Mozilla" for product "Seamonkey" and version " >= 1.1 < 1.1.1" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 3.1 Search vendor "Debian" for product "Debian Linux" and version "3.1" | - |
Affected
| ||||||