[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-5334Date: (C)2007-10-21   (M)2023-12-22


Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
SECTRACK-1018837
http://www.securityfocus.com/archive/1/482876/100/200/threaded
http://www.securityfocus.com/archive/1/482925/100/0/threaded
http://www.securityfocus.com/archive/1/482932/100/200/threaded
SUNALERT-201516
BID-26132
SECUNIA-27276
SECUNIA-27298
SECUNIA-27311
SECUNIA-27315
SECUNIA-27325
SECUNIA-27327
SECUNIA-27335
SECUNIA-27336
SECUNIA-27356
SECUNIA-27360
SECUNIA-27383
SECUNIA-27387
SECUNIA-27403
SECUNIA-27414
SECUNIA-27425
SECUNIA-27480
SECUNIA-27665
SECUNIA-27680
SECUNIA-28398
ADV-2007-3544
ADV-2007-3587
ADV-2008-0083
DSA-1392
DSA-1396
DSA-1401
FEDORA-2007-2601
FEDORA-2007-2664
FEDORA-2007-3431
GLSA-200711-14
HPSBUX02153
MDKSA-2007:202
RHSA-2007:0979
RHSA-2007:0980
RHSA-2007:0981
SUSE-SA:2007:057
USN-535-1
USN-536-1
VU#349217
http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html
http://www.mozilla.org/security/announce/2007/mfsa2007-33.html
https://bugzilla.mozilla.org/show_bug.cgi?id=391043
https://issues.rpath.com/browse/RPL-1858
mozilla-xul-page-spoofing(37286)
oval:org.mitre.oval:def:11482

CPE    2
cpe:/a:mozilla:seamonkey
cpe:/a:mozilla:firefox
CWE    1
CWE-16

© SecPod Technologies