Description
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.
References (23)
Core References
Third Party Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0078.html
Third Party Advisory vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24395
Exploit, Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733
Mailing List, Third Party Advisory vendor-advisory
x_refsource_slackware
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24384
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24457
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2007/dsa-1336
Broken Link vendor-advisory
x_refsource_hp
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24650
Vendor Advisory x_refsource_confirm
http://www.mozilla.org/security/announce/2007/mfsa2007-09.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25588
Broken Link x_refsource_confirm
https://issues.rpath.com/browse/RPL-1103
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1017726
Broken Link vendor-advisory
x_refsource_suse
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
Broken Link vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0823
Third Party Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0097.html
Broken Link vendor-advisory
x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24455
Broken Link vendor-advisory
x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
Mailing List, Third Party Advisory vendor-advisory
x_refsource_slackware
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22826
Scores
EPSS: 0.0321
EPSS Percentile: 86.6%
Details
CWE: CWE-94
Status: published
Products (3):
debian/debian_linux: 3.1
mozilla/firefox: 1.5 - 1.5.0.10
mozilla/seamonkey: 1.0 - 1.0.8
Published: Mar 06, 2007
Tracked Since: Feb 18, 2026