Executive Summary
Summary | |
---|---|
Title | Firefox vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-490-1 | First vendor Publication | 2007-07-19 |
Vendor | Ubuntu | Last vendor Modification | 2007-07-19 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 6.10: Ubuntu 7.04: After a standard system upgrade you need to restart Firefox to effect the necessary changes. Details follow: Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. (CVE-2007-3734, CVE-2007-3735) Flaws were discovered in the JavaScript methods addEventListener and setTimeout which could be used to inject script into another site in violation of the browser's same-origin policy. A malicious web site could exploit this to modify the contents, or steal confidential data (such as passwords), of other web pages. (CVE-2007-3736) Ronen Zilberman and Michal Zalewski discovered timing attacks in the JavaScript engine's use of about:blank frames. A malicious web site could exploit this to modify the contents, or steal confidential data (such as passwords), of other web pages. (CVE-2007-3089) A flaw was discovered in the JavaScript event handling code. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. (CVE-2007-3737) Ronald van den Heetkamp discovered that filename URLs including an encoded null byte could confuse the extension matching code. By tricking a user into opening a malicious web page, an attacker could execute arbitrary helper programs. (CVE-2007-3285) Michal Zalewski discovered flaws in the same-origin handling of cached "wyciwyg://" documents. A malicious web site could exploit this to modify the contents, or steal confidential data (such as passwords), of other web pages. (CVE-2007-3656) Various flaws were discovered in the XPCNativeWrapper method. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. (CVE-2007-3738). |
Original Source
Url : http://www.ubuntu.com/usn/USN-490-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
50 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11122 | |||
Oval ID: | oval:org.mitre.oval:def:11122 | ||
Title: | Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the "promiscuous IFRAME access bug," a related issue to CVE-2006-4568. | ||
Description: | Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the "promiscuous IFRAME access bug," a related issue to CVE-2006-4568. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3089 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11749 | |||
Oval ID: | oval:org.mitre.oval:def:11749 | ||
Title: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed. | ||
Description: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3736 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18981 | |||
Oval ID: | oval:org.mitre.oval:def:18981 | ||
Title: | DSA-1338-1 iceweasel | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1338-1 CVE-2007-3089 CVE-2007-3656 CVE-2007-3734 CVE-2007-3735 CVE-2007-3736 CVE-2007-3737 CVE-2007-3738 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19992 | |||
Oval ID: | oval:org.mitre.oval:def:19992 | ||
Title: | DSA-1337-1 xulrunner | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1337-1 CVE-2007-3089 CVE-2007-3285 CVE-2007-3656 CVE-2007-3734 CVE-2007-3735 CVE-2007-3736 CVE-2007-3737 CVE-2007-3738 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21817 | |||
Oval ID: | oval:org.mitre.oval:def:21817 | ||
Title: | ELSA-2007:0724: firefox security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0724-02 CVE-2007-3089 CVE-2007-3656 CVE-2007-3734 CVE-2007-3735 CVE-2007-3736 CVE-2007-3737 CVE-2007-3738 | Version: | 33 |
Platform(s): | Oracle Linux 5 | Product(s): | firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21880 | |||
Oval ID: | oval:org.mitre.oval:def:21880 | ||
Title: | ELSA-2007:0723: thunderbird security update (Moderate) | ||
Description: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0723-01 CVE-2007-3089 CVE-2007-3734 CVE-2007-3735 CVE-2007-3736 CVE-2007-3737 CVE-2007-3738 | Version: | 29 |
Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9105 | |||
Oval ID: | oval:org.mitre.oval:def:9105 | ||
Title: | Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs. | ||
Description: | Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3656 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for Mozilla File : nvt/sles9p5011293.nasl |
2009-05-05 | Name : HP-UX Update for Thunderbird HPSBUX02156 File : nvt/gb_hp_ux_HPSBUX02156.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2007:047 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2007_047.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDKSA-2007:152 (mozilla-firefox) File : nvt/gb_mandriva_MDKSA_2007_152.nasl |
2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird vulnerabilities USN-503-1 File : nvt/gb_ubuntu_USN_503_1.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-490-1 File : nvt/gb_ubuntu_USN_490_1.nasl |
2009-02-27 | Name : Fedora Update for epiphany-extensions FEDORA-2007-1155 File : nvt/gb_fedora_2007_1155_epiphany-extensions_fc7.nasl |
2009-02-27 | Name : Fedora Update for firefox FEDORA-2007-642 File : nvt/gb_fedora_2007_642_firefox_fc6.nasl |
2009-02-27 | Name : Fedora Update for thunderbird FEDORA-2007-641 File : nvt/gb_fedora_2007_641_thunderbird_fc6.nasl |
2009-02-27 | Name : Fedora Update for seamonkey FEDORA-2007-1181 File : nvt/gb_fedora_2007_1181_seamonkey_fc7.nasl |
2009-02-27 | Name : Fedora Update for thunderbird FEDORA-2007-1180 File : nvt/gb_fedora_2007_1180_thunderbird_fc7.nasl |
2009-02-27 | Name : Fedora Update for blam FEDORA-2007-1157 File : nvt/gb_fedora_2007_1157_blam_fc7.nasl |
2009-02-27 | Name : Fedora Update for yelp FEDORA-2007-1144 File : nvt/gb_fedora_2007_1144_yelp_fc7.nasl |
2009-02-27 | Name : Fedora Update for devhelp FEDORA-2007-1143 File : nvt/gb_fedora_2007_1143_devhelp_fc7.nasl |
2009-02-27 | Name : Fedora Update for firefox FEDORA-2007-1142 File : nvt/gb_fedora_2007_1142_firefox_fc7.nasl |
2009-02-27 | Name : Fedora Update for epiphany FEDORA-2007-1138 File : nvt/gb_fedora_2007_1138_epiphany_fc7.nasl |
2009-01-28 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird,Seamonkey SUSE-SA:2007:049 File : nvt/gb_suse_2007_049.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200708-09 (mozilla/thunderbird/firefox/xulrunner) File : nvt/glsa_200708_09.nasl |
2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox29.nasl |
2008-05-27 | Name : Debian Security Advisory DSA 1574-1 (icedove) File : nvt/deb_1574_1.nasl |
2008-04-30 | Name : Debian Security Advisory DSA 1534-2 (iceape) File : nvt/deb_1534_2.nasl |
2008-04-07 | Name : Debian Security Advisory DSA 1535-1 (iceweasel) File : nvt/deb_1535_1.nasl |
2008-04-07 | Name : Debian Security Advisory DSA 1534-1 (iceape) File : nvt/deb_1534_1.nasl |
2008-04-07 | Name : Debian Security Advisory DSA 1532-1 (xulrunner) File : nvt/deb_1532_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1337-1 (xulrunner) File : nvt/deb_1337_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1391-1 (icedove) File : nvt/deb_1391_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1339-1 (iceape) File : nvt/deb_1339_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1338-1 (iceweasel) File : nvt/deb_1338_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
38032 | Mozilla Firefox File Extension Null Byte File Type Check Bypass |
38028 | Mozilla Firefox wyciwyg:// Handler Cache Zone Bypass |
38024 | Mozilla Firefox document.write IFRAME Replacement XSS |
38016 | Mozilla Firefox Crafted XPCNativeWrapper Arbitrary Code Execution (moz_bug_r_a4) |
38015 | Mozilla Firefox Crafted XPCNativeWrapper Arbitrary Code Execution (shutdown) |
38010 | Mozilla Firefox Event Handler Unspecified Element Arbitrary Code Execution |
38002 | Mozilla Firefox addEventListener / setTimeout Function Cross Site Context XSS |
38001 | Mozilla Multiple Products JavaScript Engine Multiple Unspecified Memory Corru... |
38000 | Mozilla Multiple Products Browser Engine Multiple Unspecified Memory Corruption |
Snort® IPS/IDS
Date | Description |
---|---|
2018-01-23 | Mozilla Firefox DOM event handler privilege escalation attempt RuleID : 45247 - Revision : 2 - Type : BROWSER-FIREFOX |
2018-01-23 | Mozilla Firefox DOM event handler privilege escalation attempt RuleID : 45246 - Revision : 2 - Type : BROWSER-FIREFOX |
2017-08-29 | Mozilla Firefox wyciwgy domain forgery attempt RuleID : 43761 - Revision : 2 - Type : BROWSER-FIREFOX |
2017-08-23 | Mozilla Firefox display moz-deck style memory corruption attempt RuleID : 43644 - Revision : 2 - Type : BROWSER-FIREFOX |
2017-08-23 | Mozilla Firefox design mode deleted style memory corruption attempt RuleID : 43643 - Revision : 2 - Type : BROWSER-FIREFOX |
2017-08-23 | Mozilla Firefox multiple vulnerabilities memory corruption attempt RuleID : 43642 - Revision : 4 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox null byte file remote code execution attempt RuleID : 21394 - Revision : 5 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0724.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-0723.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0722.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070718_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070718_seamonkey_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20070718_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-02-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-042.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-047.nasl - Type : ACT_GATHER_INFO |
2008-05-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1574.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1535.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1532.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1534.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-3932.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-503-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-490-1.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1155.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1157.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1180.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1181.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1143.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1144.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1142.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1138.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1391.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-3935.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-3933.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-3973.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-3984.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-3986.nasl - Type : ACT_GATHER_INFO |
2007-08-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200708-09.nasl - Type : ACT_GATHER_INFO |
2007-08-02 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-152.nasl - Type : ACT_GATHER_INFO |
2007-07-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1339.nasl - Type : ACT_GATHER_INFO |
2007-07-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1338.nasl - Type : ACT_GATHER_INFO |
2007-07-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1337.nasl - Type : ACT_GATHER_INFO |
2007-07-25 | Name : A web browser on the remote host is prone to multiple flaws. File : seamonkey_113.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0722.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-0723.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0724.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_2005.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0722.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e190ca65363611dca697000c6ec775d9.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-642.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-641.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0724.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-0723.nasl - Type : ACT_GATHER_INFO |
2007-07-19 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_2005.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:04:30 |
|