PT-2007-2245 · Mozilla+1 · Firefox+1

Michal Zalewski

Publicado

2007-02-07

Atualizado

2024-12-12

CVE-2007-0800

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Mozilla Firefox version 1.5.0.9

Description A cross-zone issue allows remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup, considering blocked popups to have an internal zone origin.

Recommendations For Mozilla Firefox version 1.5.0.9, update to a newer version to mitigate the risk.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-0800

HPSBUX02153

OPENSUSE-SU-2024:10600-1

OPENSUSE-SU-2024:14572-1

RHSA-2007:0077

RHSA-2007:0078

RHSA-2007:0079

RHSA-2007:0097

RHSA-2007:0108

RHSA-2007_0077

RHSA-2007_0078

RHSA-2007_0079

RHSA-2007_0097

RHSA-2007_0108

Produtos afetados

Firefox

Red Hat

PT-2007-2245 · Mozilla+1 · Firefox+1

CVE-2007-0800

Identificadores relacionados

Produtos afetados

Referências · 2068