Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2007-3089
Description:Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the "promiscuous IFRAME access bug," a related issue to CVE-2006-4568.
Test IDs: 1.3.6.1.4.1.25623.1.0.58471   1.3.6.1.4.1.25623.1.0.58470   1.3.6.1.4.1.25623.1.0.59759   1.3.6.1.4.1.25623.1.0.58469   1.3.6.1.4.1.25623.1.0.59753   1.3.6.1.4.1.25623.1.0.59758   1.3.6.1.4.1.25623.1.0.59763   1.3.6.1.4.1.25623.1.0.59750   1.3.6.1.4.1.25623.1.0.59752  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-3089
BugTraq ID: 24286
http://www.securityfocus.com/bid/24286
Bugtraq: 20070604 Assorted browser vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/470446/100/0/threaded
Bugtraq: 20070720 rPSA-2007-0148-1 firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/474226/100/0/threaded
Bugtraq: 20070724 FLEA-2007-0033-1: firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/474542/100/0/threaded
Cert/CC Advisory: TA07-199A
http://www.us-cert.gov/cas/techalerts/TA07-199A.html
CERT/CC vulnerability note: VU#143297
http://www.kb.cert.org/vuls/id/143297
Debian Security Information: DSA-1337 (Google Search)
http://www.debian.org/security/2007/dsa-1337
Debian Security Information: DSA-1338 (Google Search)
http://www.debian.org/security/2007/dsa-1338
Debian Security Information: DSA-1339 (Google Search)
http://www.debian.org/security/2007/dsa-1339
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html
http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml
HPdes Security Advisory: HPSBUX02153
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
HPdes Security Advisory: SSRT061181
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://www.mandriva.com/security/advisories?name=MDKSA-2007:152
http://lcamtuf.coredump.cx/ifsnatch/
https://bugzilla.mozilla.org/show_bug.cgi?id=381300
https://bugzilla.mozilla.org/show_bug.cgi?id=382686
http://osvdb.org/38024
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11122
RedHat Security Advisories: RHSA-2007:0722
http://www.redhat.com/support/errata/RHSA-2007-0722.html
RedHat Security Advisories: RHSA-2007:0723
http://www.redhat.com/support/errata/RHSA-2007-0723.html
RedHat Security Advisories: RHSA-2007:0724
http://www.redhat.com/support/errata/RHSA-2007-0724.html
http://www.securitytracker.com/id?1018412
http://secunia.com/advisories/25589
http://secunia.com/advisories/26072
http://secunia.com/advisories/26095
http://secunia.com/advisories/26103
http://secunia.com/advisories/26106
http://secunia.com/advisories/26107
http://secunia.com/advisories/26149
http://secunia.com/advisories/26151
http://secunia.com/advisories/26159
http://secunia.com/advisories/26179
http://secunia.com/advisories/26204
http://secunia.com/advisories/26205
http://secunia.com/advisories/26211
http://secunia.com/advisories/26216
http://secunia.com/advisories/26258
http://secunia.com/advisories/26271
http://secunia.com/advisories/26460
http://secunia.com/advisories/28135
SGI Security Advisory: 20070701-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc
http://securityreason.com/securityalert/2781
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
SuSE Security Announcement: SUSE-SA:2007:049 (Google Search)
http://www.novell.com/linux/security/advisories/2007_49_mozilla.html
http://www.ubuntu.com/usn/usn-490-1
http://www.vupen.com/english/advisories/2007/2564
http://www.vupen.com/english/advisories/2007/4256
XForce ISS Database: firefox-iframe-security-bypass(34701)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34701




© 1998-2021 E-Soft Inc. All rights reserved.