jvndb - jvndb-2007-000176

jvndb-2007-000176

Vulnerability from jvndb

Published

2008-05-21 00:00

Modified

2008-05-21 00:00

Severity

() - -

Summary

Mozilla Firefox cross-site scripting vulnerability

Details

Mozilla Firefox, web browser from Mozilla Corporation and Mozilla Japan, contains a cross-site scripting vulnerability. Mozilla Firefox interprets HTML data improperly and activates event handlers for invalid HTML elements, leading to a cross-site scripting vulnerability.

References

Type	URL
JVN	http://jvn.jp/en/jp/JVN38605899/index.html
CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995
NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0995
SECUNIA	http://secunia.com/advisories/24205/
SECUNIA	http://secunia.com/advisories/24238/
BID	http://www.securityfocus.com/bid/22694
FRSIRT	http://www.frsirt.com/english/advisories/2007/0718

Impacted products

Vendor	Product
mozilla.org contributors	Mozilla Firefox
mozilla.org contributors	Mozilla SeaMonkey
Red Hat, Inc.	RHEL Optional Productivity Applications
Hewlett-Packard Development Company,L.P	HP-UX
Cybertrust Japan Co., Ltd.	Asianux Server
Red Hat, Inc.	Red Hat Enterprise Linux
Red Hat, Inc.	Red Hat Enterprise Linux Desktop
Red Hat, Inc.	Red Hat Linux Advanced Workstation
Red Hat, Inc.	RHEL Desktop Workstation
Turbolinux, Inc.	Turbolinux
Turbolinux, Inc.	Turbolinux Desktop
Turbolinux, Inc.	Turbolinux Home
Turbolinux, Inc.	Turbolinux Multimedia
Turbolinux, Inc.	Turbolinux Personal
Turbolinux, Inc.	Turbolinux Server

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000176.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Mozilla Firefox, web browser from Mozilla Corporation and Mozilla Japan, contains a cross-site scripting vulnerability.\r\n\r\nMozilla Firefox interprets HTML data improperly and activates event handlers for invalid HTML elements, leading to a cross-site scripting vulnerability.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000176.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:mozilla:firefox",
      "@product": "Mozilla Firefox",
      "@vendor": "mozilla.org contributors",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:mozilla:seamonkey",
      "@product": "Mozilla SeaMonkey",
      "@vendor": "mozilla.org contributors",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:redhat:rhel_optional_productivity_applications",
      "@product": "RHEL Optional Productivity Applications",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:hp:hp-ux",
      "@product": "HP-UX",
      "@vendor": "Hewlett-Packard Development Company,L.P",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux_desktop",
      "@product": "Red Hat Enterprise Linux Desktop",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:linux_advanced_workstation",
      "@product": "Red Hat Linux Advanced Workstation",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:rhel_desktop_workstation",
      "@product": "RHEL Desktop Workstation",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux",
      "@product": "Turbolinux",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_desktop",
      "@product": "Turbolinux Desktop",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_home",
      "@product": "Turbolinux Home",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
      "@product": "Turbolinux Multimedia",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_personal",
      "@product": "Turbolinux Personal",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_server",
      "@product": "Turbolinux Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000176",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN38605899/index.html",
      "@id": "JVN#38605899",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995",
      "@id": "CVE-2007-0995",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0995",
      "@id": "CVE-2007-0995",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/24205/",
      "@id": "SA24205",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://secunia.com/advisories/24238/",
      "@id": "SA24238",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/22694",
      "@id": "22694",
      "@source": "BID"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/0718",
      "@id": "FrSIRT/ADV-2007-0718",
      "@source": "FRSIRT"
    }
  ],
  "title": "Mozilla Firefox cross-site scripting vulnerability"
}

cve-2007-0995

Vulnerability from cvelistv5

Published

2007-02-26 19:00

Modified

2024-08-07 12:43