CVE-2007-0981

Mozilla based browsers <2.0.0.2 - CSRF

Title source: llm

Description

Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Michal Zalewski · html · remote · windows
https://www.exploit-db.com/exploits/3340

Scores

EPSS 0.1643
EPSS Percentile 94.9%

Details

CWE CWE-264
Status published
Products (44)
mozilla/firefox 0.8
mozilla/firefox 0.9 (2 CPE variants)
mozilla/firefox 0.9.1
mozilla/firefox 0.9.2
mozilla/firefox 0.9.3
mozilla/firefox 0.10
mozilla/firefox 0.10.1
mozilla/firefox 1.0
mozilla/firefox 1.0.1
mozilla/firefox 1.0.2
... and 34 more
Published Feb 16, 2007
Tracked Since Feb 18, 2026