Vulnerabilities > CVE-2007-3511 - Unspecified vulnerability in Mozilla Firefox and Seamonkey

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
mozilla
nessus

Summary

The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.

Vulnerable Configurations

Part Description Count
Application
Mozilla
90

Nessus

  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2007-0981.NASL
    descriptionUpdated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way in which Thunderbird processed certain malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which Thunderbird displayed malformed HTML mail content. An HTML mail message containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the Thunderbird sftp protocol handler. A malicious HTML mail message could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which Thunderbird generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292) Users of Thunderbird are advised to upgrade to these erratum packages, which contain backported patches that correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id27542
    published2007-10-25
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27542
    titleCentOS 4 / 5 : thunderbird (CESA-2007:0981)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2007:0981 and 
    # CentOS Errata and Security Advisory 2007:0981 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(27542);
      script_version("1.20");
      script_cvs_date("Date: 2019/10/25 13:36:04");
    
      script_cve_id("CVE-2007-1095", "CVE-2007-2292", "CVE-2007-3511", "CVE-2007-3844", "CVE-2007-5334", "CVE-2007-5337", "CVE-2007-5338", "CVE-2007-5339", "CVE-2007-5340");
      script_bugtraq_id(22688, 23668, 24725, 25142, 26132);
      script_xref(name:"RHSA", value:"2007:0981");
    
      script_name(english:"CentOS 4 / 5 : thunderbird (CESA-2007:0981)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated thunderbird packages that fix several security bugs are now
    available for Red Hat Enterprise Linux 4 and 5.
    
    This update has been rated as having moderate security impact by the
    Red Hat Security Response Team.
    
    Mozilla Thunderbird is a standalone mail and newsgroup client.
    
    Several flaws were found in the way in which Thunderbird processed
    certain malformed HTML mail content. An HTML mail message containing
    malicious content could cause Thunderbird to crash or potentially
    execute arbitrary code as the user running Thunderbird. JavaScript
    support is disabled by default in Thunderbird; these issues are not
    exploitable unless the user has enabled JavaScript. (CVE-2007-5338,
    CVE-2007-5339, CVE-2007-5340)
    
    Several flaws were found in the way in which Thunderbird displayed
    malformed HTML mail content. An HTML mail message containing specially
    crafted content could potentially trick a user into surrendering
    sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511,
    CVE-2007-5334)
    
    A flaw was found in the Thunderbird sftp protocol handler. A malicious
    HTML mail message could access data from a remote sftp site, possibly
    stealing sensitive user data. (CVE-2007-5337)
    
    A request-splitting flaw was found in the way in which Thunderbird
    generates a digest authentication request. If a user opened a
    specially crafted URL, it was possible to perform cross-site scripting
    attacks, web cache poisoning, or other, similar exploits.
    (CVE-2007-2292)
    
    Users of Thunderbird are advised to upgrade to these erratum packages,
    which contain backported patches that correct these issues."
      );
      # https://lists.centos.org/pipermail/centos-announce/2007-October/014307.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?089f3780"
      );
      # https://lists.centos.org/pipermail/centos-announce/2007-October/014308.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?315f5abd"
      );
      # https://lists.centos.org/pipermail/centos-announce/2007-October/014314.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?ac983987"
      );
      # https://lists.centos.org/pipermail/centos-announce/2007-October/014315.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?04eabe0f"
      );
      # https://lists.centos.org/pipermail/centos-announce/2007-October/014319.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?92aa20fb"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected thunderbird package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(16, 20, 200);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:thunderbird");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2007/02/26");
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/25");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x / 5.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-4", reference:"thunderbird-1.5.0.12-0.5.el4.centos")) flag++;
    
    if (rpm_check(release:"CentOS-5", reference:"thunderbird-1.5.0.12-5.el5.centos")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "thunderbird");
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20071019_FIREFOX_ON_SL5_X.NASL
    descriptionSeveral flaws were found in the way in which Firefox processed certain malformed web content. A web page containing malicious content could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which Firefox displayed malformed web content. A web page containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the Firefox sftp protocol handler. A malicious web page could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which Firefox generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292)
    last seen2020-06-01
    modified2020-06-02
    plugin id60268
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60268
    titleScientific Linux Security Update : firefox on SL5.x, SL4.x, SL3.x i386/x86_64
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20071019_THUNDERBIRD_ON_SL5_X.NASL
    descriptionSeveral flaws were found in the way in which Thunderbird processed certain malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which Thunderbird displayed malformed HTML mail content. An HTML mail message containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the Thunderbird sftp protocol handler. A malicious HTML mail message could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which Thunderbird generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292)
    last seen2020-06-01
    modified2020-06-02
    plugin id60270
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60270
    titleScientific Linux Security Update : thunderbird on SL5.x, SL4.x, SL3.x i386/x86_64
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1392.NASL
    descriptionSeveral remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1095 Michal Zalewski discovered that the unload event handler had access to the address of the next page to be loaded, which could allow information disclosure or spoofing. - CVE-2007-2292 Stefano Di Paola discovered that insufficient validation of user names used in Digest authentication on a website allows HTTP response splitting attacks. - CVE-2007-3511 It was discovered that insecure focus handling of the file upload control can lead to information disclosure. This is a variant of CVE-2006-2894. - CVE-2007-5334 Eli Friedman discovered that web pages written in Xul markup can hide the titlebar of windows, which can lead to spoofing attacks. - CVE-2007-5337 Georgi Guninski discovered the insecure handling of smb:// and sftp:// URI schemes may lead to information disclosure. This vulnerability is only exploitable if Gnome-VFS support is present on the system. - CVE-2007-5338
    last seen2020-06-01
    modified2020-06-02
    plugin id27547
    published2007-10-25
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27547
    titleDebian DSA-1392-1 : xulrunner - several vulnerabilities
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1401.NASL
    descriptionSeveral remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the SeaMonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1095 Michal Zalewski discovered that the unload event handler had access to the address of the next page to be loaded, which could allow information disclosure or spoofing. - CVE-2007-2292 Stefano Di Paola discovered that insufficient validation of user names used in Digest authentication on a website allows HTTP response splitting attacks. - CVE-2007-3511 It was discovered that insecure focus handling of the file upload control can lead to information disclosure. This is a variant of CVE-2006-2894. - CVE-2007-5334 Eli Friedman discovered that web pages written in Xul markup can hide the titlebar of windows, which can lead to spoofing attacks. - CVE-2007-5337 Georgi Guninski discovered the insecure handling of smb:// and sftp:// URI schemes may lead to information disclosure. This vulnerability is only exploitable if Gnome-VFS support is present on the system. - CVE-2007-5338
    last seen2020-06-01
    modified2020-06-02
    plugin id27630
    published2007-11-06
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27630
    titleDebian DSA-1401-1 : iceape - several vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-535-1.NASL
    descriptionVarious flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user
    last seen2020-06-01
    modified2020-06-02
    plugin id28141
    published2007-11-10
    reporterUbuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/28141
    titleUbuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : firefox vulnerabilities (USN-535-1)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2007-202.NASL
    descriptionA number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.8. This update provides the latest Firefox to correct these issues. As well, it provides Firefox 2.0.0.8 for older products.
    last seen2020-06-01
    modified2020-06-02
    plugin id36338
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/36338
    titleMandrake Linux Security Advisory : mozilla-firefox (MDKSA-2007:202)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2007-0980.NASL
    descriptionUpdated SeaMonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way in which SeaMonkey processed certain malformed web content. A web page containing malicious content could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which SeaMonkey displayed malformed web content. A web page containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the SeaMonkey sftp protocol handler. A malicious web page could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which SeaMonkey generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain backported patches that correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id27569
    published2007-10-25
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27569
    titleRHEL 2.1 / 3 / 4 : seamonkey (RHSA-2007:0980)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SEAMONKEY-4596.NASL
    descriptionThis update fixes several security issues in Mozilla SeaMonkey 1.0.9. Following security problems were fixed : - MFSA 2007-26 / CVE-2007-3844: Privilege escalation through chrome-loaded about:blank windows Mozilla researcher moz_bug_r_a4 reported that a flaw was introduced by the fix for MFSA 2007-20 that could enable privilege escalation attacks against addons that create
    last seen2020-06-01
    modified2020-06-02
    plugin id27581
    published2007-10-26
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27581
    titleopenSUSE 10 Security Update : seamonkey (seamonkey-4596)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2007-2664.NASL
    description - Fri Oct 19 2007 Christopher Aillon <caillon at redhat.com> - 2.0.0.8-1 - Update to 2.0.0.8 - Tue Oct 16 2007 Martin Stransky <stransky at redhat.com> - added fix for #246248 - firefox crashes when searching - Wed Jul 18 2007 Kai Engert <kengert at redhat.com> - 2.0.0.5-1 - Update to 2.0.0.5 - Fri Jun 29 2007 Martin Stransky <stransky at redhat.com> 2.0.0.4-3 - backported pango patches from FC6 (1.5.0.12) - Sun Jun 3 2007 Christopher Aillon <caillon at redhat.com> 2.0.0.4-2 - Properly clean up threads with newer NSPR - Wed May 30 2007 Christopher Aillon <caillon at redhat.com> 2.0.0.4-1 - Final version - Wed May 23 2007 Christopher Aillon <caillon at redhat.com> 2.0.0.4-0.rc3 - Update to 2.0.0.4 RC3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id27786
    published2007-11-06
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27786
    titleFedora 7 : firefox-2.0.0.8-1.fc7 (2007-2664)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2007-0979.NASL
    descriptionUpdated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way in which Firefox processed certain malformed web content. A web page containing malicious content could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which Firefox displayed malformed web content. A web page containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the Firefox sftp protocol handler. A malicious web page could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which Firefox generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292) All users of Firefox are advised to upgrade to these updated packages, which contain backported patches that correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id27540
    published2007-10-25
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27540
    titleCentOS 4 / 5 : firefox (CESA-2007:0979)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2007-3431.NASL
    descriptionUpdated thunderbird packages that fix several security bugs are now available for Fedora Core 7. This update has been rated as having moderate security impact by the Fedora Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way in which Thunderbird processed certain malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which Thunderbird displayed malformed HTML mail content. An HTML mail message containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the Thunderbird sftp protocol handler. A malicious HTML mail message could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which Thunderbird generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292) Users of Thunderbird are advised to upgrade to these erratum packages, which contain backported patches that correct these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id28231
    published2007-11-16
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/28231
    titleFedora 7 : thunderbird-2.0.0.9-1.fc7 (2007-3431)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2007-0981.NASL
    descriptionFrom Red Hat Security Advisory 2007:0981 : Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way in which Thunderbird processed certain malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which Thunderbird displayed malformed HTML mail content. An HTML mail message containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the Thunderbird sftp protocol handler. A malicious HTML mail message could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which Thunderbird generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292) Users of Thunderbird are advised to upgrade to these erratum packages, which contain backported patches that correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id67593
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67593
    titleOracle Linux 4 : thunderbird (ELSA-2007-0981)
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_2008.NASL
    descriptionThe installed version of Firefox is affected by various security issues, some of which may lead to execution of arbitrary code on the affected host subject to the user
    last seen2020-06-01
    modified2020-06-02
    plugin id27521
    published2007-10-19
    reporterThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27521
    titleFirefox < 2.0.0.8 Multiple Vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2007-0981.NASL
    descriptionUpdated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way in which Thunderbird processed certain malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which Thunderbird displayed malformed HTML mail content. An HTML mail message containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the Thunderbird sftp protocol handler. A malicious HTML mail message could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which Thunderbird generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292) Users of Thunderbird are advised to upgrade to these erratum packages, which contain backported patches that correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id27570
    published2007-10-25
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27570
    titleRHEL 4 / 5 : thunderbird (RHSA-2007:0981)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2007-0980.NASL
    descriptionFrom Red Hat Security Advisory 2007:0980 : Updated SeaMonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way in which SeaMonkey processed certain malformed web content. A web page containing malicious content could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which SeaMonkey displayed malformed web content. A web page containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the SeaMonkey sftp protocol handler. A malicious web page could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which SeaMonkey generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain backported patches that correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id67592
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67592
    titleOracle Linux 3 / 4 : seamonkey (ELSA-2007-0980)
  • NASL familyWindows
    NASL idSEAMONKEY_115.NASL
    descriptionThe installed version of SeaMonkey contains various security issues that could cause the application to crash or lead to execution of arbitrary code on the affected host subject to the user
    last seen2020-06-01
    modified2020-06-02
    plugin id27536
    published2007-10-24
    reporterThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27536
    titleSeaMonkey < 1.1.5 Multiple Vulnerabilities
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2007-2601.NASL
    descriptionSeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. By leveraging browser flaws, users could be fooled into possibly surrendering sensitive information (CVE-2007-1095, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334). Malformed web content could result in the execution of arbitrary commands (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340). Digest Authentication requests can be used to conduct a response splitting attack (CVE-2007-2292). The sftp protocol handler could be used to view the contents of arbitrary local files (CVE-2007-5337). Users of SeaMonkey are advised to upgrade to these erratum packages, which contain patches that correct these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id27780
    published2007-11-06
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27780
    titleFedora 7 : seamonkey-1.1.5-1.fc7 (2007-2601)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_MOZILLAFIREFOX-4572.NASL
    descriptionThis update brings Mozilla Firefox to security update version 2.0.0.8 Following security problems were fixed : - MFSA 2007-26 / CVE-2007-3844: Privilege escalation through chrome-loaded about:blank windows Mozilla researcher moz_bug_r_a4 reported that a flaw was introduced by the fix for MFSA 2007-20 that could enable privilege escalation attacks against addons that create
    last seen2020-06-01
    modified2020-06-02
    plugin id27528
    published2007-10-24
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27528
    titleopenSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-4572)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1396.NASL
    descriptionSeveral remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1095 Michal Zalewski discovered that the unload event handler had access to the address of the next page to be loaded, which could allow information disclosure or spoofing. - CVE-2007-2292 Stefano Di Paola discovered that insufficient validation of user names used in Digest authentication on a website allows HTTP response splitting attacks. - CVE-2007-3511 It was discovered that insecure focus handling of the file upload control can lead to information disclosure. This is a variant of CVE-2006-2894. - CVE-2007-5334 Eli Friedman discovered that web pages written in Xul markup can hide the titlebar of windows, which can lead to spoofing attacks. - CVE-2007-5337 Georgi Guninski discovered the insecure handling of smb:// and sftp:// URI schemes may lead to information disclosure. This vulnerability is only exploitable if Gnome-VFS support is present on the system. - CVE-2007-5338
    last seen2020-06-01
    modified2020-06-02
    plugin id27587
    published2007-10-30
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27587
    titleDebian DSA-1396-1 : iceweasel - several vulnerabilities
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20071019_SEAMONKEY_ON_SL4_X.NASL
    descriptionSeveral flaws were found in the way in which SeaMonkey processed certain malformed web content. A web page containing malicious content could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which SeaMonkey displayed malformed web content. A web page containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the SeaMonkey sftp protocol handler. A malicious web page could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which SeaMonkey generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292)
    last seen2020-06-01
    modified2020-06-02
    plugin id60269
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60269
    titleScientific Linux Security Update : seamonkey on SL4.x, SL3.x i386/x86_64
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SEAMONKEY-4594.NASL
    descriptionThis update fixes several security issues in Mozilla SeaMonkey 1.1.5. Following security problems were fixed : - MFSA 2007-26 / CVE-2007-3844: Privilege escalation through chrome-loaded about:blank windows Mozilla researcher moz_bug_r_a4 reported that a flaw was introduced by the fix for MFSA 2007-20 that could enable privilege escalation attacks against addons that create
    last seen2020-06-01
    modified2020-06-02
    plugin id27573
    published2007-10-25
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27573
    titleopenSUSE 10 Security Update : seamonkey (seamonkey-4594)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2007-0980.NASL
    descriptionUpdated SeaMonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way in which SeaMonkey processed certain malformed web content. A web page containing malicious content could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which SeaMonkey displayed malformed web content. A web page containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the SeaMonkey sftp protocol handler. A malicious web page could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which SeaMonkey generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain backported patches that correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id27541
    published2007-10-25
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27541
    titleCentOS 3 / 4 : seamonkey (CESA-2007:0980)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2007-3414.NASL
    descriptionUpdated thunderbird packages that fix several security bugs are now available for Fedora Core 8. This update has been rated as having moderate security impact by the Fedora Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way in which Thunderbird processed certain malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which Thunderbird displayed malformed HTML mail content. An HTML mail message containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the Thunderbird sftp protocol handler. A malicious HTML mail message could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which Thunderbird generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292) Users of Thunderbird are advised to upgrade to these erratum packages, which contain backported patches that correct these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id28230
    published2007-11-16
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/28230
    titleFedora 8 : thunderbird-2.0.0.9-1.fc8 (2007-3414)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2007-0979.NASL
    descriptionUpdated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way in which Firefox processed certain malformed web content. A web page containing malicious content could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which Firefox displayed malformed web content. A web page containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the Firefox sftp protocol handler. A malicious web page could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which Firefox generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292) All users of Firefox are advised to upgrade to these updated packages, which contain backported patches that correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id27568
    published2007-10-25
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27568
    titleRHEL 4 / 5 : firefox (RHSA-2007:0979)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_E24797AF803D11DCB787003048705D5A.NASL
    descriptionRedHat reports : Several flaws were found in the way in which Firefox displayed malformed web content. A web page containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334)
    last seen2020-06-01
    modified2020-06-02
    plugin id27552
    published2007-10-25
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27552
    titleFreeBSD : firefox -- OnUnload Javascript browser entrapment vulnerability (e24797af-803d-11dc-b787-003048705d5a)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2007-2795.NASL
    descriptionSeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. By leveraging browser flaws, users could be fooled into possibly surrendering sensitive information (CVE-2007-1095, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334). Malformed web content could result in the execution of arbitrary commands (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340). Digest Authentication requests can be used to conduct a response splitting attack (CVE-2007-2292). The sftp protocol handler could be used to view the contents of arbitrary local files (CVE-2007-5337). Users of SeaMonkey are advised to upgrade to these erratum packages, which contain patches that correct these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id27805
    published2007-11-07
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27805
    titleFedora 8 : seamonkey-1.1.5-2.fc8 (2007-2795)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_MOZILLAFIREFOX-4570.NASL
    descriptionThis update brings Mozilla Firefox to security update version 2.0.0.8 Following security problems were fixed : - Privilege escalation through chrome-loaded about:blank windows. (MFSA 2007-26 / CVE-2007-3844) Mozilla researcher moz_bug_r_a4 reported that a flaw was introduced by the fix for MFSA 2007-20 that could enable privilege escalation attacks against addons that create
    last seen2020-06-01
    modified2020-06-02
    plugin id29362
    published2007-12-13
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/29362
    titleSuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 4570)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_MOZILLAFIREFOX-4574.NASL
    descriptionThis update brings Mozilla Firefox to security update version 2.0.0.8 Following security problems were fixed : - MFSA 2007-26 / CVE-2007-3844: Privilege escalation through chrome-loaded about:blank windows Mozilla researcher moz_bug_r_a4 reported that a flaw was introduced by the fix for MFSA 2007-20 that could enable privilege escalation attacks against addons that create
    last seen2020-06-01
    modified2020-06-02
    plugin id27529
    published2007-10-24
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27529
    titleopenSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-4574)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2007-0979.NASL
    descriptionFrom Red Hat Security Advisory 2007:0979 : Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way in which Firefox processed certain malformed web content. A web page containing malicious content could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340) Several flaws were found in the way in which Firefox displayed malformed web content. A web page containing specially crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334) A flaw was found in the Firefox sftp protocol handler. A malicious web page could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337) A request-splitting flaw was found in the way in which Firefox generates a digest authentication request. If a user opened a specially crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292) All users of Firefox are advised to upgrade to these updated packages, which contain backported patches that correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id67591
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67591
    titleOracle Linux 4 / 5 : firefox (ELSA-2007-0979)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-536-1.NASL
    descriptionVarious flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user
    last seen2020-06-01
    modified2020-06-02
    plugin id28142
    published2007-11-10
    reporterUbuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/28142
    titleUbuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : mozilla-thunderbird, thunderbird vulnerabilities (USN-536-1)

Oval

accepted2013-04-29T04:21:57.318-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
    ovaloval:org.mitre.oval:def:11414
  • commentThe operating system installed on the system is CentOS Linux 5.x
    ovaloval:org.mitre.oval:def:15802
  • commentOracle Linux 5.x
    ovaloval:org.mitre.oval:def:15459
descriptionThe focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.
familyunix
idoval:org.mitre.oval:def:9763
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleThe focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.
version27

Redhat

advisories
  • rhsa
    idRHSA-2007:0979
  • rhsa
    idRHSA-2007:0980
  • rhsa
    idRHSA-2007:0981
rpms
  • firefox-0:1.5.0.12-0.7.el4
  • firefox-0:1.5.0.12-6.el5
  • firefox-debuginfo-0:1.5.0.12-0.7.el4
  • firefox-debuginfo-0:1.5.0.12-6.el5
  • seamonkey-0:1.0.9-0.5.el3
  • seamonkey-0:1.0.9-0.6.el2
  • seamonkey-0:1.0.9-6.el4
  • seamonkey-chat-0:1.0.9-0.5.el3
  • seamonkey-chat-0:1.0.9-0.6.el2
  • seamonkey-chat-0:1.0.9-6.el4
  • seamonkey-debuginfo-0:1.0.9-0.5.el3
  • seamonkey-debuginfo-0:1.0.9-6.el4
  • seamonkey-devel-0:1.0.9-0.5.el3
  • seamonkey-devel-0:1.0.9-0.6.el2
  • seamonkey-devel-0:1.0.9-6.el4
  • seamonkey-dom-inspector-0:1.0.9-0.5.el3
  • seamonkey-dom-inspector-0:1.0.9-0.6.el2
  • seamonkey-dom-inspector-0:1.0.9-6.el4
  • seamonkey-js-debugger-0:1.0.9-0.5.el3
  • seamonkey-js-debugger-0:1.0.9-0.6.el2
  • seamonkey-js-debugger-0:1.0.9-6.el4
  • seamonkey-mail-0:1.0.9-0.5.el3
  • seamonkey-mail-0:1.0.9-0.6.el2
  • seamonkey-mail-0:1.0.9-6.el4
  • seamonkey-nspr-0:1.0.9-0.5.el3
  • seamonkey-nspr-0:1.0.9-0.6.el2
  • seamonkey-nspr-devel-0:1.0.9-0.5.el3
  • seamonkey-nspr-devel-0:1.0.9-0.6.el2
  • seamonkey-nss-0:1.0.9-0.5.el3
  • seamonkey-nss-0:1.0.9-0.6.el2
  • seamonkey-nss-devel-0:1.0.9-0.5.el3
  • seamonkey-nss-devel-0:1.0.9-0.6.el2
  • thunderbird-0:1.5.0.12-0.5.el4
  • thunderbird-0:1.5.0.12-5.el5
  • thunderbird-debuginfo-0:1.5.0.12-0.5.el4
  • thunderbird-debuginfo-0:1.5.0.12-5.el5

References