Информационная безопасность
[RU] switch to English


Многочисленные уязвимости в Mozilla Firefox / Thunderbird / Seamonkey (multiple bugs)
дополнено с 27 февраля 2007 г.
Опубликовано:6 марта 2007 г.
Источник:
SecurityVulns ID:7309
Тип:удаленная
Уровень опасности:
7/10
Описание:Обход фильтрации HTML-содержимого, межсайтовый скриптинг, слабая хэширующая функция, повреждение памяти, переполнение буфера и др.
Затронутые продукты:MOZILLA : Thunderbird 1.5
 MOZILLA : Firefox 1.5
 MOZILLA : Seamonkey 1.0
 MOZILLA : Firefox 2.0
CVE:CVE-2007-1282 (Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line.)
 CVE-2007-0995 (Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.)
 CVE-2007-0994 (A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.)
 CVE-2007-0780 (browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.)
 CVE-2007-0779 (GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor.)
 CVE-2007-0778 (The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache.)
 CVE-2007-0777 (The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.)
 CVE-2007-0776 (Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file.)
 CVE-2007-0775 (Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors.)
Оригинальный текстdocumentMOZILLA, Mozilla Foundation Security Advisory 2007-09 (06.03.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-10 (06.03.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-05 (27.02.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-04 (27.02.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-03 (27.02.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-02 (27.02.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-01 (27.02.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород