CVE-2007-3089

MEDIUM

Description

Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the "promiscuous IFRAME access bug," a related issue to CVE-2006-4568.

References

ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt

ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc

http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

http://lcamtuf.coredump.cx/ifsnatch/

http://osvdb.org/38024

http://secunia.com/advisories/25589

http://secunia.com/advisories/26072

http://secunia.com/advisories/26095

http://secunia.com/advisories/26103

http://secunia.com/advisories/26106

http://secunia.com/advisories/26107

http://secunia.com/advisories/26149

http://secunia.com/advisories/26151

http://secunia.com/advisories/26159

http://secunia.com/advisories/26179

http://secunia.com/advisories/26204

http://secunia.com/advisories/26205

http://secunia.com/advisories/26211

http://secunia.com/advisories/26216

http://secunia.com/advisories/26258

http://secunia.com/advisories/26271

http://secunia.com/advisories/26460

http://secunia.com/advisories/28135

http://securityreason.com/securityalert/2781

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1

http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html

http://www.debian.org/security/2007/dsa-1337

http://www.debian.org/security/2007/dsa-1338

http://www.debian.org/security/2007/dsa-1339

http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml

http://www.kb.cert.org/vuls/id/143297

http://www.mandriva.com/security/advisories?name=MDKSA-2007:152

http://www.mozilla.org/security/announce/2007/mfsa2007-20.html

http://www.novell.com/linux/security/advisories/2007_49_mozilla.html

http://www.redhat.com/support/errata/RHSA-2007-0722.html

http://www.redhat.com/support/errata/RHSA-2007-0723.html

http://www.redhat.com/support/errata/RHSA-2007-0724.html

http://www.securityfocus.com/archive/1/470446/100/0/threaded

http://www.securityfocus.com/archive/1/474226/100/0/threaded

http://www.securityfocus.com/archive/1/474542/100/0/threaded

http://www.securityfocus.com/bid/24286

http://www.securitytracker.com/id?1018412

http://www.ubuntu.com/usn/usn-490-1

http://www.us-cert.gov/cas/techalerts/TA07-199A.html

http://www.vupen.com/english/advisories/2007/2564

http://www.vupen.com/english/advisories/2007/4256

https://bugzilla.mozilla.org/show_bug.cgi?id=381300

https://bugzilla.mozilla.org/show_bug.cgi?id=382686

https://exchange.xforce.ibmcloud.com/vulnerabilities/34701

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11122

Details

Source: MITRE

Published: 2007-06-06

Updated: 2018-10-16

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM