Lucene search

PRIOn knowledge basePRION:CVE-2007-3511

HistoryJul 03, 2007 - 10:30 a.m.

Design/Logic Flaw

2007-07-0310:30:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.03 Low

EPSS

Percentile

90.7%

JSON

The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the “for” attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.

CPENameOperatorVersion
firefoxeq1.5.0.12
firefoxeq2.0.0.6
firefoxeq2.0.0.4
firefoxle2.0.0.7
firefoxeq2.0.0.5
seamonkeyeq1.0.3
seamonkeyeq1.0.1
seamonkeyeq1.0.6
seamonkeyeq1.0.9
seamonkeyeq1.1.3

Name	Operator	Version
firefox	eq	1.5.0.12
firefox	eq	2.0.0.6
firefox	eq	2.0.0.4
firefox	le	2.0.0.7
firefox	eq	2.0.0.5
seamonkey	eq	1.0.3
seamonkey	eq	1.0.1
seamonkey	eq	1.0.6
seamonkey	eq	1.0.9
seamonkey	eq	1.1.3

Rows per page:

1-10 of 261

References

archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html

archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

osvdb.org/37994

secunia.com/advisories/25904

secunia.com/advisories/27276

secunia.com/advisories/27298

secunia.com/advisories/27325

secunia.com/advisories/27327

secunia.com/advisories/27335

secunia.com/advisories/27336

secunia.com/advisories/27356

secunia.com/advisories/27383

secunia.com/advisories/27387

secunia.com/advisories/27403

secunia.com/advisories/27414

secunia.com/advisories/27425

secunia.com/advisories/27480

secunia.com/advisories/27680

securitytracker.com/id?1018837

sla.ckers.org/forum/read.php?3%2C13142

sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1

support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html

www.debian.org/security/2007/dsa-1392

www.debian.org/security/2007/dsa-1396

www.debian.org/security/2007/dsa-1401

www.mandriva.com/en/security/advisories?name=MDKSA-2007:202

www.mozilla.org/security/announce/2007/mfsa2007-32.html

www.novell.com/linux/security/advisories/2007_57_mozilla.html

www.redhat.com/support/errata/RHSA-2007-0979.html

www.redhat.com/support/errata/RHSA-2007-0980.html

www.redhat.com/support/errata/RHSA-2007-0981.html

www.securityfocus.com/archive/1/482876/100/200/threaded

www.securityfocus.com/archive/1/482925/100/0/threaded

www.securityfocus.com/archive/1/482932/100/200/threaded

www.securityfocus.com/bid/24725

www.ubuntu.com/usn/usn-536-1

www.vupen.com/english/advisories/2007/3544

www.vupen.com/english/advisories/2007/3587

www.vupen.com/english/advisories/2008/0083

yathong.googlepages.com/FirefoxFocusBug.html

exchange.xforce.ibmcloud.com/vulnerabilities/35299

issues.rpath.com/browse/RPL-1858

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763

usn.ubuntu.com/535-1/

www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html

www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html

www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html

6.3 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.03 Low

EPSS

Percentile

90.7%

JSON

Related for PRION:CVE-2007-3511