CVE-2007-3736 in Firefoxinfo

Summary

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site s context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

07/12/2007

Disclosure

07/18/2007

Moderation

VulDB entry created

Entries

1: VDB-37881

CPE

ready

CWE

CWE-80 (Confirmed)

CVSS

4.3

EPSS

0.02048

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-3736
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-3736
CVE Details	https://www.cvedetails.com/cve/CVE-2007-3736/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!