English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2007-0981
Description:Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.
Test IDs: 1.3.6.1.4.1.25623.1.0.58468  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-0981
BugTraq ID: 22566
http://www.securityfocus.com/bid/22566
Bugtraq: 20070214 Firefox: serious cookie stealing / same-domain bypass vulnerability (Google Search)
http://www.securityfocus.com/archive/1/460126/100/200/threaded
Bugtraq: 20070215 Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability (Google Search)
http://www.securityfocus.com/archive/1/460217/100/0/threaded
Bugtraq: 20070226 rPSA-2007-0040-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/461336/100/0/threaded
Bugtraq: 20070303 rPSA-2007-0040-3 firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/461809/100/0/threaded
CERT/CC vulnerability note: VU#885753
http://www.kb.cert.org/vuls/id/885753
Debian Security Information: DSA-1336 (Google Search)
http://www.debian.org/security/2007/dsa-1336
http://fedoranews.org/cms/node/2713
http://fedoranews.org/cms/node/2728
http://security.gentoo.org/glsa/glsa-200703-04.xml
http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml
HPdes Security Advisory: HPSBUX02153
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
HPdes Security Advisory: SSRT061181
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://www.mandriva.com/security/advisories?name=MDKSA-2007:050
http://lcamtuf.dione.cc/ffhostname.html
http://www.osvdb.org/32104
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9730
RedHat Security Advisories: RHSA-2007:0077
http://rhn.redhat.com/errata/RHSA-2007-0077.html
RedHat Security Advisories: RHSA-2007:0078
http://www.redhat.com/support/errata/RHSA-2007-0078.html
RedHat Security Advisories: RHSA-2007:0079
http://www.redhat.com/support/errata/RHSA-2007-0079.html
RedHat Security Advisories: RHSA-2007:0097
http://www.redhat.com/support/errata/RHSA-2007-0097.html
RedHat Security Advisories: RHSA-2007:0108
http://www.redhat.com/support/errata/RHSA-2007-0108.html
http://securitytracker.com/id?1017654
http://secunia.com/advisories/24175
http://secunia.com/advisories/24205
http://secunia.com/advisories/24238
http://secunia.com/advisories/24287
http://secunia.com/advisories/24290
http://secunia.com/advisories/24293
http://secunia.com/advisories/24320
http://secunia.com/advisories/24328
http://secunia.com/advisories/24333
http://secunia.com/advisories/24342
http://secunia.com/advisories/24343
http://secunia.com/advisories/24384
http://secunia.com/advisories/24393
http://secunia.com/advisories/24395
http://secunia.com/advisories/24437
http://secunia.com/advisories/24455
http://secunia.com/advisories/24457
http://secunia.com/advisories/24650
http://secunia.com/advisories/25588
SGI Security Advisory: 20070202-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
SGI Security Advisory: 20070301-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
http://securityreason.com/securityalert/2262
SuSE Security Announcement: SUSE-SA:2007:019 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
SuSE Security Announcement: SUSE-SA:2007:022 (Google Search)
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
http://www.ubuntu.com/usn/usn-428-1
http://www.vupen.com/english/advisories/2007/0624
http://www.vupen.com/english/advisories/2007/0718
http://www.vupen.com/english/advisories/2008/0083
XForce ISS Database: firefox-locationhostname-security-bypass(32533)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32533



© 1998-2025 E-Soft Inc. All rights reserved.