Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:17143
HistoryJun 01, 2007 - 12:00 a.m.

Mozilla Foundation Security Advisory 2007-16

2007-06-0100:00:00
vulners.com
14
JSON

Title: XSS using addEventListener
Impact: High
Announced: May 30, 2007
Reporter: moz_bug_r_a4
Products: Firefox, SeaMonkey

Fixed in: Firefox 2.0.0.4
Firefox 1.5.0.12
SeaMonkey 1.0.9
SeaMonkey 1.1.2
Description
Mozilla contributor moz_bug_r_a4 demonstrated that the addEventListener method could be used to inject script into another site in violation of the browser's same-origin policy. This could be used to access or modify private or valuable information from that other site.
Workaround
Disable JavaScript until a fixed version can be installed.
References
https://bugzilla.mozilla.org/show_bug.cgi?id=376987
https://bugzilla.mozilla.org/show_bug.cgi?id=377356
CVE-2007-2870

Related

prion 1
cve 1
mozilla 1
ubuntucve 1
veracode 1
openvas 48
nessus 32
osv 3
debian 3
ubuntu 1
fedora 13
redhat 2
gentoo 1
oraclelinux 2
centos 3
securityvulns 1
suse 1
prion
prion
Cross site scripting
2007-06-01 00:30:00
cve
cve
CVE-2007-2870
2007-06-01 00:30:00
mozilla
mozilla
XSS using addEventListener — Mozilla
2007-05-30 00:00:00
ubuntucve
ubuntucve
CVE-2007-2870
2007-06-01 00:00:00
veracode
veracode
Same-Origin Policy Bypass
2020-04-10 00:18:40
openvas
openvas
Mandriva Update for mozilla-firefox MDKSA-2007:120 (mozilla-firefox)
2009-04-09 00:00:00
Mandriva Update for mozilla-firefox MDKSA-2007:126-1 (mozilla-firefox)
2009-04-09 00:00:00
Mandriva Update for mozilla-firefox MDKSA-2007:120 (mozilla-firefox)
2009-04-09 00:00:00
nessus
nessus
Debian DSA-1300-1 : iceape - several vulnerabilities
2007-06-12 00:00:00
Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2007:120)
2007-06-14 00:00:00
Ubuntu 6.06 LTS / 6.10 / 7.04 : firefox vulnerabilities (USN-468-1)
2007-11-10 00:00:00
osv
osv
iceape
2007-06-07 00:00:00
iceweasel - several vulnerabilities
2007-06-14 00:00:00
xulrunner
2007-06-12 00:00:00
debian
debian
[SECURITY] [DSA 1306-1] New xulrunner packages fix several vulnerabilities
2007-06-12 15:57:27
[SECURITY] [DSA 1308-1] New iceweasel packages fix several vulnerabilities
2007-06-14 17:22:37
[SECURITY] [DSA 1300-1] New iceape packages fix several vulnerabilities
2007-06-07 20:16:43
ubuntu
ubuntu
Firefox vulnerabilities
2007-06-01 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: firefox-1.5.0.12-1.fc6
2007-05-31 13:01:28
[SECURITY] Fedora Core 6 Update: epiphany-2.16.3-5.fc6
2007-05-31 13:01:30
[SECURITY] Fedora Core 6 Update: devhelp-0.12-11.fc6
2007-05-31 13:01:32
redhat
redhat
(RHSA-2007:0400) Critical: firefox security update
2007-05-30 00:00:00
(RHSA-2007:0402) Critical: seamonkey security update
2007-05-30 00:00:00
gentoo
gentoo
Mozilla products: Multiple vulnerabilities
2007-06-19 00:00:00
oraclelinux
oraclelinux
Critical: firefox security update
2007-05-31 00:00:00
Critical: seamonkey security update
2007-05-31 00:00:00
centos
centos
devhelp, firefox, yelp security update
2007-05-31 21:22:44
devhelp, seamonkey security update
2007-05-31 21:23:00
seamonkey security update
2007-05-31 23:03:51
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / SeaMonkey multiple security vulnerabilities
2007-06-05 00:00:00
suse
suse
remote code execution in mozilla,MozillaFirefox,MozillaThunderbird
2007-06-27 15:10:40
JSON
Related for SECURITYVULNS:DOC:17143
prion1cve1mozilla1ubuntucve1veracode1openvas48nessus32osv3debian3ubuntu1fedora13redhat2gentoo1oraclelinux2centos3securityvulns1suse1