Firefox vulnerabilities

2007-11-2600:00:00

ubuntu.com

6.7 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.945 High

EPSS

Percentile

99.2%

JSON

Releases

Ubuntu 7.10
Ubuntu 7.04
Ubuntu 6.10
Ubuntu 6.06

Packages

firefox -

Details

It was discovered that Firefox incorrectly associated redirected sites
as the origin of “jar:” contents. A malicious web site could exploit this
to modify or steal confidential data (such as passwords) from other web
sites. (CVE-2007-5947)

Various flaws were discovered in the layout and JavaScript engines. By
tricking a user into opening a malicious web page, an attacker could
execute arbitrary code with the user’s privileges. (CVE-2007-5959)

Gregory Fleischer discovered that it was possible to use JavaScript to
manipulate Firefox’s Referer header. A malicious web site could exploit
this to conduct cross-site request forgeries against sites that relied
only on Referer headers for protection from such attacks. (CVE-2007-5960)

OSVersionArchitecturePackageVersionFilename
Ubuntu7.10noarchfirefox< 2.0.0.10+2nobinonly-0ubuntu1.7.10.1UNKNOWN
Ubuntu7.10noarchfirefox-dbg< 2.0.0.10+2nobinonly-0ubuntu1.7.10.1UNKNOWN
Ubuntu7.10noarchfirefox-dev< 2.0.0.10+2nobinonly-0ubuntu1.7.10.1UNKNOWN
Ubuntu7.10noarchfirefox-gnome-support< 2.0.0.10+2nobinonly-0ubuntu1.7.10.1UNKNOWN
Ubuntu7.10noarchfirefox-libthai< 2.0.0.10+2nobinonly-0ubuntu1.7.10.1UNKNOWN
Ubuntu7.04noarchfirefox< 2.0.0.10+1nobinonly-0ubuntu1UNKNOWN
Ubuntu7.04noarchfirefox-dbg< 2.0.0.10+1nobinonly-0ubuntu1UNKNOWN
Ubuntu7.04noarchfirefox-dev< 2.0.0.10+1nobinonly-0ubuntu1UNKNOWN
Ubuntu7.04noarchfirefox-gnome-support< 2.0.0.10+1nobinonly-0ubuntu1UNKNOWN
Ubuntu7.04noarchfirefox-libthai< 2.0.0.10+1nobinonly-0ubuntu1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	7.10	noarch	firefox	< 2.0.0.10+2nobinonly-0ubuntu1.7.10.1	UNKNOWN
Ubuntu	7.10	noarch	firefox-dbg	< 2.0.0.10+2nobinonly-0ubuntu1.7.10.1	UNKNOWN
Ubuntu	7.10	noarch	firefox-dev	< 2.0.0.10+2nobinonly-0ubuntu1.7.10.1	UNKNOWN
Ubuntu	7.10	noarch	firefox-gnome-support	< 2.0.0.10+2nobinonly-0ubuntu1.7.10.1	UNKNOWN
Ubuntu	7.10	noarch	firefox-libthai	< 2.0.0.10+2nobinonly-0ubuntu1.7.10.1	UNKNOWN
Ubuntu	7.04	noarch	firefox	< 2.0.0.10+1nobinonly-0ubuntu1	UNKNOWN
Ubuntu	7.04	noarch	firefox-dbg	< 2.0.0.10+1nobinonly-0ubuntu1	UNKNOWN
Ubuntu	7.04	noarch	firefox-dev	< 2.0.0.10+1nobinonly-0ubuntu1	UNKNOWN
Ubuntu	7.04	noarch	firefox-gnome-support	< 2.0.0.10+1nobinonly-0ubuntu1	UNKNOWN
Ubuntu	7.04	noarch	firefox-libthai	< 2.0.0.10+1nobinonly-0ubuntu1	UNKNOWN