exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2007-3736

Status Candidate

Overview

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed.

Related Files

Gentoo Linux Security Advisory 200708-9
Posted Aug 15, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200708-09 - Mozilla developers fixed several bugs, including an issue with modifying XPCNativeWrappers, a problem with event handlers executing elements outside of the document, and a cross-site scripting (XSS) vulnerability. They also fixed a problem with promiscuous IFRAME access and an XULRunner URL spoofing issue with the wyciwyg:// URI and HTTP 302 redirects. Denials of Service involving corrupted memory were fixed in the browser engine and the JavaScript engine. Finally, another XSS vulnerability caused by a regression in the CVE-2007-3089 patch was fixed. Versions less than 2.0.0.6 are affected.

tags | advisory, web, spoof, javascript, xss
systems | linux, gentoo
advisories | CVE-2007-3089, CVE-2007-3656, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738, CVE-2007-3844
SHA-256 | 764eb18f274a13a2519a59558d5e3a6de627854283160fa729985a477c6ca6a8
Mandriva Linux Security Advisory 2007.152
Posted Aug 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.6.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2007-3089, CVE-2007-3285, CVE-2007-3656, CVE-2007-3670, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738, CVE-2007-3844, CVE-2007-3845
SHA-256 | 09a93ae755c8850298dff969f0aaed4e9395ebe574184598d2c77a04e5ddd3f8
Debian Linux Security Advisory 1339-1
Posted Jul 24, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1339-1 - Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2007-3089, CVE-2007-3656, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738
SHA-256 | a8d6d010a984e1a64532f335ce92aa1f236237e0013c73b0916ee5eb051d2d94
Debian Linux Security Advisory 1338-1
Posted Jul 24, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1338-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2007-3089, CVE-2007-3656, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738
SHA-256 | 3600b9279b98dec810d15d280abf91ec402cc43ebdb0bf2a653959295acd25ef
Debian Linux Security Advisory 1337-1
Posted Jul 23, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1337-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. These vulnerabilities range from cross site scripting to arbitrary code execution flaws.

tags | advisory, remote, arbitrary, vulnerability, code execution, xss
systems | linux, debian
advisories | CVE-2007-3089, CVE-2007-3285, CVE-2007-3656, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738
SHA-256 | caf99c2e0f0035b962c0967f4694b48897b5d59cdcb1f4b99a052dd8022a5767
Ubuntu Security Notice 490-1
Posted Jul 20, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 490-1 - A slew of vulnerabilities have been fixed in the Firefox browser. Too many to list, but we suggest upgrading now.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-3089, CVE-2007-3285, CVE-2007-3656, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738
SHA-256 | 4c2895058ecfb4ae1b11af7afd580f2416642597addd5705e9f4d95880f30ea6
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close