logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2007-5338

Description

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed.


Affected Package


OS OS Version Package Name Package Version
ubuntu 06.10 firefox 2.0.0.8+0dfsg-0ubuntu0.6.10
ubuntu 07.04 firefox 2.0.0.8+1nobinonly-0ubuntu1
ubuntu 07.10 firefox 2.0.0.8+2nobinonly-0ubuntu1
ubuntu upstream firefox 2.0.0.8
ubuntu 06.10 mozilla-thunderbird 1.5.0.13+1.5.0.14b-0ubuntu0.6.10
ubuntu 07.04 mozilla-thunderbird 1.5.0.13+1.5.0.14b-0ubuntu0.7.04
ubuntu upstream mozilla-thunderbird any
ubuntu upstream thunderbird 2.0.0.8

Related