Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2007-1947 | First vendor Publication | 2007-04-10 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:S/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 3.5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Medium |
| Cvss Expoit Score | 6.8 | Authentication | Requires single instance |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome by overwriting the toString function via a certain function declaration, related to incorrect identification of anonymous JavaScript functions, a different issue than CVE-2007-1878. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1947 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 2 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 34122 | Firebug Extension for Mozilla Firefox console.log Function toString Overwrite... |
Sources (Detail)
| Source | Url |
|---|
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:17:44 |
|
| 2024-11-28 12:11:59 |
|
| 2021-05-04 12:05:37 |
|
| 2021-04-22 01:06:11 |
|
| 2020-05-23 01:38:03 |
|
| 2020-05-23 00:19:34 |
|
| 2018-10-16 21:19:54 |
|
| 2016-04-26 15:58:37 |
|
| 2013-05-11 10:22:39 |
|
