CVE Vulnerability

CVE-2007-5334

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute.

4.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

References
Link Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=391043
http://www.mozilla.org/security/announce/2007/mfsa2007-33.html Patch
https://issues.rpath.com/browse/RPL-1858
http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html
http://www.debian.org/security/2007/dsa-1396
http://www.debian.org/security/2007/dsa-1401
http://www.debian.org/security/2007/dsa-1392
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html
http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml
http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202
http://www.redhat.com/support/errata/RHSA-2007-0979.html
http://www.redhat.com/support/errata/RHSA-2007-0980.html
http://www.redhat.com/support/errata/RHSA-2007-0981.html
http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
http://www.ubuntu.com/usn/usn-536-1
http://www.kb.cert.org/vuls/id/349217 US Government Resource
http://www.securityfocus.com/bid/26132
http://securitytracker.com/id?1018837
http://secunia.com/advisories/27276
http://secunia.com/advisories/27325
http://secunia.com/advisories/27327
http://secunia.com/advisories/27335
http://secunia.com/advisories/27356
http://secunia.com/advisories/27383
http://secunia.com/advisories/27425
http://secunia.com/advisories/27403
http://secunia.com/advisories/27480
http://secunia.com/advisories/27387
http://secunia.com/advisories/27298
http://secunia.com/advisories/27311
http://secunia.com/advisories/27315
http://secunia.com/advisories/27336
http://secunia.com/advisories/27665
http://secunia.com/advisories/27414
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html
http://secunia.com/advisories/27680
http://secunia.com/advisories/27360
http://secunia.com/advisories/28398
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
http://www.vupen.com/english/advisories/2007/3544
http://www.vupen.com/english/advisories/2007/3587
http://www.vupen.com/english/advisories/2008/0083
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
https://exchange.xforce.ibmcloud.com/vulnerabilities/37286
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11482
https://usn.ubuntu.com/535-1/
http://www.securityfocus.com/archive/1/482932/100/200/threaded
http://www.securityfocus.com/archive/1/482925/100/0/threaded
http://www.securityfocus.com/archive/1/482876/100/200/threaded
Configurations

Configuration 1

cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Information

Published : 2007-10-21 08:17

Updated : 2018-10-15 09:42

NVD link : CVE-2007-5334

Mitre link : CVE-2007-5334

Products Affected
No products.
CWE
CWE-16