CVE-2007-0995

MEDIUM

Description

Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.

References

ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc

ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc

http://fedoranews.org/cms/node/2713

http://fedoranews.org/cms/node/2728

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

http://ha.ckers.org/xss.html#XSS_Non_alpha_non_digit2

http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html

http://osvdb.org/32112

http://rhn.redhat.com/errata/RHSA-2007-0077.html

http://secunia.com/advisories/24205

http://secunia.com/advisories/24238

http://secunia.com/advisories/24287

http://secunia.com/advisories/24290

http://secunia.com/advisories/24293

http://secunia.com/advisories/24320

http://secunia.com/advisories/24328

http://secunia.com/advisories/24333

http://secunia.com/advisories/24342

http://secunia.com/advisories/24343

http://secunia.com/advisories/24384

http://secunia.com/advisories/24393

http://secunia.com/advisories/24395

http://secunia.com/advisories/24437

http://secunia.com/advisories/24455

http://secunia.com/advisories/24457

http://secunia.com/advisories/24650

http://secunia.com/advisories/25588

http://security.gentoo.org/glsa/glsa-200703-04.xml

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851

http://www.debian.org/security/2007/dsa-1336

http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml

http://www.mandriva.com/security/advisories?name=MDKSA-2007:050

http://www.mozilla.org/security/announce/2007/mfsa2007-02.html

http://www.novell.com/linux/security/advisories/2007_22_mozilla.html

http://www.osvdb.org/32111

http://www.redhat.com/support/errata/RHSA-2007-0078.html

http://www.redhat.com/support/errata/RHSA-2007-0079.html

http://www.redhat.com/support/errata/RHSA-2007-0097.html

http://www.redhat.com/support/errata/RHSA-2007-0108.html

http://www.securityfocus.com/archive/1/461336/100/0/threaded

http://www.securityfocus.com/archive/1/461809/100/0/threaded

http://www.securityfocus.com/bid/22694

http://www.securitytracker.com/id?1017702

http://www.ubuntu.com/usn/usn-428-1

http://www.vupen.com/english/advisories/2007/0718

http://www.vupen.com/english/advisories/2008/0083

https://issues.rpath.com/browse/RPL-1081

https://issues.rpath.com/browse/RPL-1103

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10164

Details

Source: MITRE

Published: 2007-02-26

Updated: 2018-10-16

Type: CWE-79

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* versions up to 1.0.7 (inclusive)

Tenable Plugins

View all (36 total)

IDNameProductFamilySeverity
67455Oracle Linux 4 : Firefox (ELSA-2007-0079)NessusOracle Linux Local Security Checks
high
67454Oracle Linux 4 : thunderbird (ELSA-2007-0078)NessusOracle Linux Local Security Checks
high
67453Oracle Linux 3 / 4 : seamonkey (ELSA-2007-0077)NessusOracle Linux Local Security Checks
high
67452Oracle Linux 4 : seamonkey (ELSA-2007-0077-2)NessusOracle Linux Local Security Checks
high
63841RHEL 5 : thunderbird (RHSA-2007:0108)NessusRed Hat Local Security Checks
high
29359SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 2683)NessusSuSE Local Security Checks
high
28022Ubuntu 6.06 LTS : firefox regression (USN-428-2)NessusUbuntu Local Security Checks
high
28021Ubuntu 5.10 / 6.06 LTS / 6.10 : firefox vulnerabilities (USN-428-1)NessusUbuntu Local Security Checks
high
27440openSUSE 10 Security Update : seamonkey (seamonkey-2811)NessusSuSE Local Security Checks
high
27439openSUSE 10 Security Update : seamonkey (seamonkey-2691)NessusSuSE Local Security Checks
high
27119openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-2699)NessusSuSE Local Security Checks
high
27118openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-2647)NessusSuSE Local Security Checks
high
25779Debian DSA-1336-1 : mozilla-firefox - several vulnerabilitiesNessusDebian Local Security Checks
high
25318RHEL 5 : firefox (RHSA-2007:0097)NessusRed Hat Local Security Checks
high
3942LedgerSMB / SQL-Ledger Authentication BypassNessus Network MonitorWeb Servers
medium
24800GLSA-200703-08 : SeaMonkey: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
24791Slackware 11.0 : seamonkey (SSA:2007-066-05)NessusSlackware Local Security Checks
high
24789Slackware 10.2 / 11.0 : mozilla-firefox (SSA:2007-066-03)NessusSlackware Local Security Checks
high
24774RHEL 4 : thunderbird (RHSA-2007:0078)NessusRed Hat Local Security Checks
high
24771GLSA-200703-04 : Mozilla Firefox: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
24763CentOS 4 : thunderbird (CESA-2007:0078)NessusCentOS Local Security Checks
high
3931Mozilla Thunderbird < 1.5.0.10 Multiple Vulnerabilities (deprecated)Nessus Network MonitorSMTP Clients
medium
24753Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2007:050-1)NessusMandriva Local Security Checks
high
3927SeaMonkey < 1.0.8 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
24735SeaMonkey < 1.0.8 Multiple VulnerabilitiesNessusWindows
high
24729Fedora Core 6 : devhelp-0.12-10.fc6 / epiphany-2.16.3-2.fc6 / firefox-1.5.0.10-1.fc6 / etc (2007-293)NessusFedora Local Security Checks
high
24716Fedora Core 5 : firefox-1.5.0.10-1.fc5 (2007-281)NessusFedora Local Security Checks
high
3922Mozilla Firefox < 1.5.0.10 / 2.0.0.2 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
24708RHEL 4 : Firefox (RHSA-2007:0079)NessusRed Hat Local Security Checks
high
24707RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2007:0077)NessusRed Hat Local Security Checks
high
24705FreeBSD : mozilla -- multiple vulnerabilities (12bd6ecf-c430-11db-95c5-000c6ec775d9)NessusFreeBSD Local Security Checks
high
24704CentOS 4 : firefox (CESA-2007:0079)NessusCentOS Local Security Checks
high
24703CentOS 3 / 4 : seamonkey (CESA-2007:0077)NessusCentOS Local Security Checks
high
24701Firefox < 1.5.0.10 / 2.0.0.2 Multiple VulnerabilitiesNessusWindows
high
800879SeaMonkey < 1.0.8 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
800760Firefox < 1.5.0.10 / 2.0.0.2 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high