PT-2007-2245 · Mozilla+1 · Firefox+1

Michal Zalewski

Published

2007-02-07

Updated

2024-12-12

CVE-2007-0800

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Mozilla Firefox version 1.5.0.9

Description A cross-zone issue allows remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup, considering blocked popups to have an internal zone origin.

Recommendations For Mozilla Firefox version 1.5.0.9, update to a newer version to mitigate the risk.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-0800

HPSBUX02153

OPENSUSE-SU-2024:10600-1

OPENSUSE-SU-2024:14572-1

RHSA-2007:0077

RHSA-2007:0078

RHSA-2007:0079

RHSA-2007:0097

RHSA-2007:0108

RHSA-2007_0077

RHSA-2007_0078

RHSA-2007_0079

RHSA-2007_0097

RHSA-2007_0108

Affected Products

Firefox

Red Hat

PT-2007-2245 · Mozilla+1 · Firefox+1

CVE-2007-0800

Related Identifiers

Affected Products

References · 2068