Lucene search
RootSSV:2020HistoryJul 19, 2007 - 12:00 a.m.
Mozilla Firefox 2.0.0.4多个远程安全漏洞
2007-07-1900:00:00
Root
www.seebug.org
24
0.908 High
EPSS
Percentile
98.5%
BUGTRAQ ID: 24946
CVE(CAN) ID: CVE-2007-3734,CVE-2007-3735,CVE-2007-3736,CVE-2007-3737,CVE-2007-3738
Mozilla Firefox是一款流行的开源WEB浏览器。
Firefox的浏览器引擎和JavaScript引擎中存在多个内存破坏漏洞,可能允许攻击者导致浏览器崩溃。
addEventListener和setTimeout方式中的漏洞可能允许攻击者破坏浏览器的同源策略向其他站点注入脚本,访问或修改该站点的保密或敏感数据。
攻击者可以使用文档外的元素调用事件处理器,这可能导致以chrome权限执行任意代码。
攻击者可以修改XPCNativeWrapper,导致浏览器之后的访问会执行用户所提供的代码。
Mozilla Firefox < 2.0.0.5
Mozilla
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/2.0.0.5” target=“_blank”>ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/2.0.0.5</a>
Related
nessus
nessus
Oracle Linux 4 : thunderbird (ELSA-2007-0723)
2013-07-12 00:00:00
CentOS 4 / 5 : thunderbird (CESA-2007:0723)
2007-07-23 00:00:00
Fedora 7 : thunderbird-2.0.0.5-1.fc7 (2007-1180)
2007-11-06 00:00:00
redhat
redhat
(RHSA-2007:0723) Moderate: thunderbird security update
2007-07-18 00:00:00
(RHSA-2007:0724) Critical: firefox security update
2007-07-18 00:00:00
(RHSA-2007:0722) Critical: seamonkey security update
2007-07-18 00:00:00
openvas
openvas
Fedora Update for thunderbird FEDORA-2007-1180
2009-02-27 00:00:00
Fedora Update for thunderbird FEDORA-2007-641
2009-02-27 00:00:00
Fedora Update for thunderbird FEDORA-2007-641
2009-02-27 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: thunderbird-1.5.0.12-2.fc6
2007-07-20 16:21:25
[SECURITY] Fedora 7 Update: thunderbird-2.0.0.5-1.fc7
2007-07-20 19:32:33
[SECURITY] Fedora 7 Update: firefox-2.0.0.5-1.fc7
2007-07-18 20:56:30
oraclelinux
oraclelinux
Moderate: thunderbird security update
2007-07-19 00:00:00
Critical: seamonkey security update
2007-07-19 00:00:00
Critical: firefox security update
2007-07-19 00:00:00
centos
centos
thunderbird security update
2007-07-19 19:16:54
seamonkey security update
2007-07-20 05:54:56
firefox security update
2007-07-19 13:36:22
freebsd
freebsd
mozilla -- multiple vulnerabilities
2007-07-17 00:00:00
osv
osv
debian
debian
[SECURITY] [DSA 1338-1] New iceweasel packages fix several vulnerabilities
2007-07-23 17:27:52
[SECURITY] [DSA 1339-1] New iceape packages fix several vulnerabilities
2007-07-24 00:00:33
[SECURITY] [DSA 1337-1] New xulrunner packages fix several vulnerabilities
2007-07-22 19:19:22
securityvulns
securityvulns
Mozilla Firefox, Thunderbird, Seamonkey multiple securityvulnerabilities
2007-07-19 00:00:00
Mozilla Foundation Security Advisory 2007-18
2007-07-19 00:00:00
Mozilla Foundation Security Advisory 2007-21
2007-07-19 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2007-07-20 00:00:00
Thunderbird vulnerabilities
2007-08-25 00:00:00
gentoo
gentoo
Mozilla products: Multiple vulnerabilities
2007-08-14 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2007-08-02 16:31:06
remote code execution in MozillaFirefox,mozilla,seamonkey
2007-10-25 18:13:14
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
mozilla
mozilla
Crashes with evidence of memory corruption (rv:1.8.1.5) — Mozilla
2007-07-17 00:00:00
Privilege escallation using an event handler attached to an element not in the document — Mozilla
2007-07-17 00:00:00
XPCNativeWrapper pollution — Mozilla
2007-07-17 00:00:00
checkpoint_advisories
checkpoint_advisories
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:17:15
Arbitrary Code Execution
2020-04-10 00:17:16
Arbitrary Code Execution
2020-04-10 00:17:17
ubuntucve
ubuntucve
prion
prion
Memory corruption
2007-07-18 17:30:00
Memory corruption
2007-07-18 17:30:00
Design/Logic Flaw
2007-07-18 17:30:00
cve
cve