Lucene search
Ubuntu.comUB:CVE-2007-5947HistoryNov 14, 2007 - 12:00 a.m.
CVE-2007-5947
2007-11-1400:00:00
ubuntu.com
ubuntu.com
8
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.015 Low
EPSS
Percentile
86.5%
The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey
before 1.1.7 retrieves the inner URL regardless of its MIME type, and
considers HTML documents within a jar archive to have the same origin as
the inner URL, which allows remote attackers to conduct cross-site
scripting (XSS) attacks via a jar: URI.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | firefox | < 1.5.dfsg+1.5.0.14~prepatch071125a-0ubuntu1 | UNKNOWN |
| ubuntu | 6.10 | noarch | firefox | < 2.0.0.10+0nobinonly-0ubuntu0.6.10 | UNKNOWN |
| ubuntu | 7.04 | noarch | firefox | < 2.0.0.10+1nobinonly-0ubuntu1 | UNKNOWN |
| ubuntu | 7.10 | noarch | firefox | < 2.0.0.10+2nobinonly-0ubuntu1.7.10.1 | UNKNOWN |
Related
prion
prion
Cross site scripting
2007-11-14 01:46:00
Cross site scripting
2007-12-28 21:46:00
securityvulns
securityvulns
Mozilla Forefox jar: URL crossite scripting
2007-11-27 00:00:00
Mozilla Foundation Security Advisory 2007-37
2007-11-27 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-10 00:18:41
cert
cert
Mozilla-based browsers jar: URI cross-site scripting vulnerability
2007-11-08 00:00:00
cve
cve
CVE-2007-5947
2007-11-14 01:46:00
CVE-2007-6589
2007-12-28 21:46:00
mozilla
mozilla
jar: URI scheme XSS hazard — Mozilla
2007-11-26 00:00:00
ubuntucve
ubuntucve
CVE-2007-6589
2007-12-28 00:00:00
osv
osv
xulrunner - several vulnerabilities
2007-12-08 00:00:00
iceweasel - several vulnerabilities
2007-12-08 00:00:00
iceape - several vulnerabilities
2008-02-24 00:00:00
openvas
openvas
CentOS Update for thunderbird CESA-2007:1083 centos4 i386
2009-02-27 00:00:00
Fedora Update for epiphany FEDORA-2007-3952
2009-02-27 00:00:00
Fedora Update for gnome-web-photo FEDORA-2007-3962
2009-02-27 00:00:00
nessus
nessus
openSUSE 10 Security Update : seamonkey (seamonkey-4794)
2007-12-13 00:00:00
Debian DSA-1425-1 : xulrunner - several vulnerabilities
2007-12-11 00:00:00
SeaMonkey < 1.1.7 Multiple Vulnerabilities
2007-12-02 00:00:00
redhat
redhat
(RHSA-2007:1084) Critical: seamonkey security update
2007-11-26 00:00:00
(RHSA-2007:1082) Critical: firefox security update
2007-11-26 00:00:00
(RHSA-2007:1083) Moderate: thunderbird security update
2007-12-19 00:00:00
centos
centos
seamonkey security update
2007-11-30 03:00:22
seamonkey security update
2007-11-28 19:08:58
firefox security update
2007-11-29 13:07:34
fedora
fedora
[SECURITY] Fedora Core 6 Update: firefox-1.5.0.12-7.fc6
2007-12-03 15:43:57
suse
suse
remote code execution in MozillaFirefox
2007-12-05 17:10:54
ubuntu
ubuntu
Firefox regression
2007-12-04 00:00:00
Firefox vulnerabilities
2007-11-26 00:00:00
oraclelinux
oraclelinux
Critical: firefox security update
2007-11-27 00:00:00
Moderate: thunderbird security update
2007-12-19 00:00:00
Critical: seamonkey security update
2007-11-27 00:00:00
debian
debian
[SECURITY] [DSA 1425-1] New xulrunner packages fix several vulnerabilities
2007-12-08 11:40:53
[SECURITY] [DSA 1424-1] New iceweasel packages fix several vulnerabilities
2007-12-08 11:34:00
gentoo
gentoo
Mozilla Firefox, SeaMonkey: Multiple vulnerabilities
2007-12-29 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.015 Low
EPSS
Percentile
86.5%
Related for UB:CVE-2007-5947