CVE-2007-0994 in Firefoxinfo

Summary

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

02/16/2007

Disclosure

03/05/2007

Moderation

VulDB entry created

Entries

VDB-35414 (1)

CPE

ready

CWE

CWE-94 (Confirmed)

CVSS

6.3

EPSS

0.03170

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-0994
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0994
CVE Details	https://www.cvedetails.com/cve/CVE-2007-0994/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!