CVE-2007-6589
Mozilla Firefox <2.0.0.10 & SeaMonkey <1.1.7 - XSS
The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 does not update the origin domain when retrieving the inner URL parameter yields an HTTP redirect, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a jar: URI, a different vulnerability than CVE-2007-5947.
References (8)
Scores
EPSS: 0.0058
EPSS Percentile: 68.7%
Classification
CWE: CWE-79
Status: draft
Affected Products (2)
mozilla/firefox: < 2.0.0.9
mozilla/seamonkey: < 1.1.6
Timeline
Published: Dec 28, 2007
Tracked Since: Feb 18, 2026