Lucene search

[email protected]CVE-2007-5338

HistoryOct 21, 2007 - 8:17 p.m.

CVE-2007-5338

2007-10-2120:17:00

CWE-264

CWE-16

[email protected]

web.nvd.nist.gov

mozilla firefox

seamonkey

cve-2007-5338

remote code execution

nvd

6.9 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.4%

JSON

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed.

CPENameOperatorVersion
mozilla:seamonkeymozilla seamonkeyle1.1.4
mozilla:firefoxmozilla firefoxle2.0.0.7

CPE	Name	Operator	Version
mozilla:seamonkey	mozilla seamonkey	le	1.1.4
mozilla:firefox	mozilla firefox	le	2.0.0.7

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

secunia.com/advisories/27276

secunia.com/advisories/27298

secunia.com/advisories/27311

secunia.com/advisories/27315

secunia.com/advisories/27325

secunia.com/advisories/27327

secunia.com/advisories/27335

secunia.com/advisories/27336

secunia.com/advisories/27356

secunia.com/advisories/27360

secunia.com/advisories/27383

secunia.com/advisories/27387

secunia.com/advisories/27403

secunia.com/advisories/27414

secunia.com/advisories/27425

secunia.com/advisories/27480

secunia.com/advisories/27665

secunia.com/advisories/27680

secunia.com/advisories/28398

securitytracker.com/id?1018836

sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1

support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html

www.debian.org/security/2007/dsa-1392

www.debian.org/security/2007/dsa-1396

www.debian.org/security/2007/dsa-1401

www.gentoo.org/security/en/glsa/glsa-200711-14.xml

www.mandriva.com/en/security/advisories?name=MDKSA-2007:202

www.mozilla.org/security/announce/2007/mfsa2007-35.html

www.novell.com/linux/security/advisories/2007_57_mozilla.html

www.redhat.com/support/errata/RHSA-2007-0979.html

www.redhat.com/support/errata/RHSA-2007-0980.html

www.redhat.com/support/errata/RHSA-2007-0981.html

www.securityfocus.com/archive/1/482876/100/200/threaded

www.securityfocus.com/archive/1/482925/100/0/threaded

www.securityfocus.com/archive/1/482932/100/200/threaded

www.securityfocus.com/bid/26132

www.ubuntu.com/usn/usn-536-1

www.vupen.com/english/advisories/2007/3544

www.vupen.com/english/advisories/2007/3587

www.vupen.com/english/advisories/2008/0083

exchange.xforce.ibmcloud.com/vulnerabilities/37288

issues.rpath.com/browse/RPL-1858

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10965

usn.ubuntu.com/535-1/

www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html

www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html

www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html

6.9 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.4%

JSON

Related for CVE-2007-5338

veracode1 prion1 ubuntucve1 securityvulns2 mozilla1 seebug1 nessus35 debian8 osv8 openvas22 gentoo1 redhat3 centos4 oraclelinux3 fedora4 ubuntu2 suse1