CVE-2007-3844

Mozilla Firefox 2.0.0.5, Thunderbird <1.5.0.13, SeaMonkey 1.1.3 - XSS via Addon Chrome Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3844. PoCs published by moz_bug_r_a4.

AI-analyzed exploit summary This exploit leverages a privilege escalation vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey, allowing JavaScript to execute with Chrome privileges via an 'about:blank' page. The PoC demonstrates arbitrary script execution with elevated privileges by manipulating the document body and focusing the window.

Description

Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an about:blank document loaded by chrome via (a) the window.open function or (b) a content.location assignment, aka "Cross Context Scripting." NOTE: this issue is caused by a CVE-2007-3089 regression.

Exploits (1)

exploitdb WORKING POC VERIFIED

by moz_bug_r_a4 · textremotelinux

https://www.exploit-db.com/exploits/30439

View Code ZIP pw:eip

This exploit leverages a privilege escalation vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey, allowing JavaScript to execute with Chrome privileges via an 'about:blank' page. The PoC demonstrates arbitrary script execution with elevated privileges by manipulating the document body and focusing the window.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Mozilla Firefox, Thunderbird, SeaMonkey (versions affected by CVE-2007-3844)

No auth needed

Prerequisites: Victim must visit a malicious webpage or open a crafted link

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (55)

Core 55

Core References

Vendor Advisory vendor-advisory x_refsource_fedora

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html

Issue Tracking x_refsource_confirm

https://issues.rpath.com/browse/RPL-1600

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/usn-503-1

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2008:047

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/3587

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27414

Vendor Advisory vendor-advisory x_refsource_hp

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579

Issue Tracking x_refsource_confirm

http://bugzilla.mozilla.org/show_bug.cgi?id=388121

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26393

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26303

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/4256

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26309

Vendor Advisory vendor-advisory x_refsource_hp

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27298

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDKSA-2007:152

Third Party Advisory vendor-advisory x_refsource_gentoo

http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml

Patch vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1018481

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2007/dsa-1345

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26288

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27327

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27276

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2007/dsa-1391

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2007/dsa-1346

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2007-0980.html

Vendor Advisory vendor-advisory x_refsource_suse

http://www.novell.com/linux/security/advisories/2007_57_mozilla.html

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2007:047

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/28135

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27356

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2007-0981.html

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/25142

Vendor Advisory vendor-advisory x_refsource_fedora

https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html

Patch x_refsource_confirm

http://www.mozilla.org/security/announce/2007/mfsa2007-26.html

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/0082

Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/usn-493-1

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26234

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2007/dsa-1344

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1018480

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27325

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2007-0979.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1018479

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26258

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27326

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/28363

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26331

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26460

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27680

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/475265/100/200/threaded

Vendor Advisory x_refsource_confirm

http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html

Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9493

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/475450/30/5550/threaded

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26335

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26572

Vendor Advisory vendor-advisory x_refsource_slackware

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.010101

Scores

EPSS 0.0545

EPSS Percentile 91.7%

Details

Status published

Products (3)

mozilla/firefox 2.0.0.5

mozilla/seamonkey 1.1.3

mozilla/thunderbird 2.0.0.5

Published Aug 08, 2007

Tracked Since Feb 18, 2026