CVE-2007-1878 in Firefoxinfo

Summary

Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.03 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome, as demonstrated via the runFile function, related to lack of HTML escaping in the property name.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

04/05/2007

Disclosure

04/05/2007

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-80

CVSS

6.3

EPSS

0.01821

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-1878
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-1878
CVE Details	https://www.cvedetails.com/cve/CVE-2007-1878/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!