CVE-2007-5414

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 2.0

Description: A cross-site scripting (XSS) issue exists when UTF-7 document content is rendered directly in UTF-7, allowing remote attackers to inject arbitrary web script or HTML via a gopher URI that uses single quote characters to delimit a literal string within an XSS sequence.

Recommendations: For versions prior to 2.0, update to version 2.0 or later to resolve the issue.