CVE-2007-0779

GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor.
References
Link Resource
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
http://fedoranews.org/cms/node/2713
http://fedoranews.org/cms/node/2728
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
http://osvdb.org/32109
http://rhn.redhat.com/errata/RHSA-2007-0077.html
http://secunia.com/advisories/24205 Vendor Advisory
http://secunia.com/advisories/24238 Vendor Advisory
http://secunia.com/advisories/24287 Vendor Advisory
http://secunia.com/advisories/24290 Vendor Advisory
http://secunia.com/advisories/24293 Vendor Advisory
http://secunia.com/advisories/24320 Vendor Advisory
http://secunia.com/advisories/24328 Vendor Advisory
http://secunia.com/advisories/24333 Vendor Advisory
http://secunia.com/advisories/24342 Vendor Advisory
http://secunia.com/advisories/24343 Vendor Advisory
http://secunia.com/advisories/24384 Vendor Advisory
http://secunia.com/advisories/24393 Vendor Advisory
http://secunia.com/advisories/24395 Vendor Advisory
http://secunia.com/advisories/24437 Vendor Advisory
http://secunia.com/advisories/24455 Vendor Advisory
http://secunia.com/advisories/24457 Vendor Advisory
http://secunia.com/advisories/24650 Vendor Advisory
http://security.gentoo.org/glsa/glsa-200703-04.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:050
http://www.mozilla.org/security/announce/2007/mfsa2007-04.html Patch Vendor Advisory
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
http://www.redhat.com/support/errata/RHSA-2007-0078.html
http://www.redhat.com/support/errata/RHSA-2007-0079.html
http://www.redhat.com/support/errata/RHSA-2007-0097.html
http://www.redhat.com/support/errata/RHSA-2007-0108.html
http://www.securityfocus.com/archive/1/461336/100/0/threaded
http://www.securityfocus.com/archive/1/461809/100/0/threaded
http://www.securityfocus.com/bid/22694 Patch
http://www.securitytracker.com/id?1017700
http://www.ubuntu.com/usn/usn-428-1
http://www.vupen.com/english/advisories/2007/0718
http://www.vupen.com/english/advisories/2008/0083
https://bugzilla.mozilla.org/show_bug.cgi?id=361298
https://issues.rpath.com/browse/RPL-1081
https://issues.rpath.com/browse/RPL-1103
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8757
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
http://fedoranews.org/cms/node/2713
http://fedoranews.org/cms/node/2728
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
http://osvdb.org/32109
http://rhn.redhat.com/errata/RHSA-2007-0077.html
http://secunia.com/advisories/24205 Vendor Advisory
http://secunia.com/advisories/24238 Vendor Advisory
http://secunia.com/advisories/24287 Vendor Advisory
http://secunia.com/advisories/24290 Vendor Advisory
http://secunia.com/advisories/24293 Vendor Advisory
http://secunia.com/advisories/24320 Vendor Advisory
http://secunia.com/advisories/24328 Vendor Advisory
http://secunia.com/advisories/24333 Vendor Advisory
http://secunia.com/advisories/24342 Vendor Advisory
http://secunia.com/advisories/24343 Vendor Advisory
http://secunia.com/advisories/24384 Vendor Advisory
http://secunia.com/advisories/24393 Vendor Advisory
http://secunia.com/advisories/24395 Vendor Advisory
http://secunia.com/advisories/24437 Vendor Advisory
http://secunia.com/advisories/24455 Vendor Advisory
http://secunia.com/advisories/24457 Vendor Advisory
http://secunia.com/advisories/24650 Vendor Advisory
http://security.gentoo.org/glsa/glsa-200703-04.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:050
http://www.mozilla.org/security/announce/2007/mfsa2007-04.html Patch Vendor Advisory
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
http://www.redhat.com/support/errata/RHSA-2007-0078.html
http://www.redhat.com/support/errata/RHSA-2007-0079.html
http://www.redhat.com/support/errata/RHSA-2007-0097.html
http://www.redhat.com/support/errata/RHSA-2007-0108.html
http://www.securityfocus.com/archive/1/461336/100/0/threaded
http://www.securityfocus.com/archive/1/461809/100/0/threaded
http://www.securityfocus.com/bid/22694 Patch
http://www.securitytracker.com/id?1017700
http://www.ubuntu.com/usn/usn-428-1
http://www.vupen.com/english/advisories/2007/0718
http://www.vupen.com/english/advisories/2008/0083
https://bugzilla.mozilla.org/show_bug.cgi?id=361298
https://issues.rpath.com/browse/RPL-1081
https://issues.rpath.com/browse/RPL-1103
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8757
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9_rc:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*

History

21 Nov 2024, 00:26

Type Values Removed Values Added
References () ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc - () ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc -
References () ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc - () ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc -
References () http://fedoranews.org/cms/node/2713 - () http://fedoranews.org/cms/node/2713 -
References () http://fedoranews.org/cms/node/2728 - () http://fedoranews.org/cms/node/2728 -
References () http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 - () http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 -
References () http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html - () http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html -
References () http://osvdb.org/32109 - () http://osvdb.org/32109 -
References () http://rhn.redhat.com/errata/RHSA-2007-0077.html - () http://rhn.redhat.com/errata/RHSA-2007-0077.html -
References () http://secunia.com/advisories/24205 - Vendor Advisory () http://secunia.com/advisories/24205 - Vendor Advisory
References () http://secunia.com/advisories/24238 - Vendor Advisory () http://secunia.com/advisories/24238 - Vendor Advisory
References () http://secunia.com/advisories/24287 - Vendor Advisory () http://secunia.com/advisories/24287 - Vendor Advisory
References () http://secunia.com/advisories/24290 - Vendor Advisory () http://secunia.com/advisories/24290 - Vendor Advisory
References () http://secunia.com/advisories/24293 - Vendor Advisory () http://secunia.com/advisories/24293 - Vendor Advisory
References () http://secunia.com/advisories/24320 - Vendor Advisory () http://secunia.com/advisories/24320 - Vendor Advisory
References () http://secunia.com/advisories/24328 - Vendor Advisory () http://secunia.com/advisories/24328 - Vendor Advisory
References () http://secunia.com/advisories/24333 - Vendor Advisory () http://secunia.com/advisories/24333 - Vendor Advisory
References () http://secunia.com/advisories/24342 - Vendor Advisory () http://secunia.com/advisories/24342 - Vendor Advisory
References () http://secunia.com/advisories/24343 - Vendor Advisory () http://secunia.com/advisories/24343 - Vendor Advisory
References () http://secunia.com/advisories/24384 - Vendor Advisory () http://secunia.com/advisories/24384 - Vendor Advisory
References () http://secunia.com/advisories/24393 - Vendor Advisory () http://secunia.com/advisories/24393 - Vendor Advisory
References () http://secunia.com/advisories/24395 - Vendor Advisory () http://secunia.com/advisories/24395 - Vendor Advisory
References () http://secunia.com/advisories/24437 - Vendor Advisory () http://secunia.com/advisories/24437 - Vendor Advisory
References () http://secunia.com/advisories/24455 - Vendor Advisory () http://secunia.com/advisories/24455 - Vendor Advisory
References () http://secunia.com/advisories/24457 - Vendor Advisory () http://secunia.com/advisories/24457 - Vendor Advisory
References () http://secunia.com/advisories/24650 - Vendor Advisory () http://secunia.com/advisories/24650 - Vendor Advisory
References () http://security.gentoo.org/glsa/glsa-200703-04.xml - () http://security.gentoo.org/glsa/glsa-200703-04.xml -
References () http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131 - () http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131 -
References () http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851 - () http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851 -
References () http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml - () http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml -
References () http://www.mandriva.com/security/advisories?name=MDKSA-2007:050 - () http://www.mandriva.com/security/advisories?name=MDKSA-2007:050 -
References () http://www.mozilla.org/security/announce/2007/mfsa2007-04.html - Patch, Vendor Advisory () http://www.mozilla.org/security/announce/2007/mfsa2007-04.html - Patch, Vendor Advisory
References () http://www.novell.com/linux/security/advisories/2007_22_mozilla.html - () http://www.novell.com/linux/security/advisories/2007_22_mozilla.html -
References () http://www.redhat.com/support/errata/RHSA-2007-0078.html - () http://www.redhat.com/support/errata/RHSA-2007-0078.html -
References () http://www.redhat.com/support/errata/RHSA-2007-0079.html - () http://www.redhat.com/support/errata/RHSA-2007-0079.html -
References () http://www.redhat.com/support/errata/RHSA-2007-0097.html - () http://www.redhat.com/support/errata/RHSA-2007-0097.html -
References () http://www.redhat.com/support/errata/RHSA-2007-0108.html - () http://www.redhat.com/support/errata/RHSA-2007-0108.html -
References () http://www.securityfocus.com/archive/1/461336/100/0/threaded - () http://www.securityfocus.com/archive/1/461336/100/0/threaded -
References () http://www.securityfocus.com/archive/1/461809/100/0/threaded - () http://www.securityfocus.com/archive/1/461809/100/0/threaded -
References () http://www.securityfocus.com/bid/22694 - Patch () http://www.securityfocus.com/bid/22694 - Patch
References () http://www.securitytracker.com/id?1017700 - () http://www.securitytracker.com/id?1017700 -
References () http://www.ubuntu.com/usn/usn-428-1 - () http://www.ubuntu.com/usn/usn-428-1 -
References () http://www.vupen.com/english/advisories/2007/0718 - () http://www.vupen.com/english/advisories/2007/0718 -
References () http://www.vupen.com/english/advisories/2008/0083 - () http://www.vupen.com/english/advisories/2008/0083 -
References () https://bugzilla.mozilla.org/show_bug.cgi?id=361298 - () https://bugzilla.mozilla.org/show_bug.cgi?id=361298 -
References () https://issues.rpath.com/browse/RPL-1081 - () https://issues.rpath.com/browse/RPL-1081 -
References () https://issues.rpath.com/browse/RPL-1103 - () https://issues.rpath.com/browse/RPL-1103 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8757 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8757 -

Information

Published : 2007-02-26 20:28

Updated : 2024-11-21 00:26


NVD link : CVE-2007-0779

Mitre link : CVE-2007-0779

CVE.ORG link : CVE-2007-0779


JSON object : View

Products Affected

mozilla

  • firefox
  • seamonkey