CVE-2007-0994 - Vulnerability Details

Vendors	Products
Debian	Debian Linux
Mozilla	Firefox Seamonkey
Redhat	Enterprise Linux

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 2.1
seamonkey-0:1.0.8-0.2.el2	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2007:0077	2007-02-24T00:00:00Z
Red Hat Enterprise Linux 3
seamonkey-0:1.0.8-0.2.el3	cpe:/o:redhat:enterprise_linux:3	RHSA-2007:0077	2007-02-24T00:00:00Z
Red Hat Enterprise Linux 4
devhelp-0:0.10-0.7.el4	cpe:/o:redhat:enterprise_linux:4	RHSA-2007:0077	2007-02-24T00:00:00Z
seamonkey-0:1.0.8-0.2.el4	cpe:/o:redhat:enterprise_linux:4	RHSA-2007:0077	2007-02-24T00:00:00Z
firefox-0:1.5.0.10-0.1.el4	cpe:/o:redhat:enterprise_linux:4	RHSA-2007:0079	2007-02-23T00:00:00Z
Red Hat Enterprise Linux 5
devhelp-0:0.12-10.0.1.el5	cpe:/o:redhat:enterprise_linux:5	RHSA-2007:0097	2007-03-14T00:00:00Z
firefox-0:1.5.0.10-2.el5	cpe:/o:redhat:enterprise_linux:5	RHSA-2007:0097	2007-03-14T00:00:00Z
yelp-0:2.16.0-14.0.1.el5	cpe:/o:redhat:enterprise_linux:5	RHSA-2007:0097	2007-03-14T00:00:00Z

Link	Providers
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
http://secunia.com/advisories/24384
http://secunia.com/advisories/24395
http://secunia.com/advisories/24455
http://secunia.com/advisories/24457
http://secunia.com/advisories/24650
http://secunia.com/advisories/25588
http://securitytracker.com/id?1017726
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
http://www.debian.org/security/2007/dsa-1336
http://www.mozilla.org/security/announce/2007/mfsa2007-09.html
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
http://www.redhat.com/support/errata/RHSA-2007-0078.html
http://www.redhat.com/support/errata/RHSA-2007-0097.html
http://www.securityfocus.com/bid/22826
http://www.vupen.com/english/advisories/2007/0823
https://issues.rpath.com/browse/RPL-1103
https://nvd.nist.gov/vuln/detail/CVE-2007-0994
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749
https://www.cve.org/CVERecord?id=CVE-2007-0994

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-02T00:00:00", "descriptions": [{"lang": "en", "value": "A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2007:0078", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"}, {"name": "oval:org.mitre.oval:def:9749", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749"}, {"name": "24395", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24395"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733"}, {"name": "SSA:2007-066-03", "tags": ["vendor-advisory", "x_refsource_SLACKWARE"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851"}, {"name": "24384", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24384"}, {"name": "24457", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24457"}, {"name": "DSA-1336", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1336"}, {"name": "HPSBUX02153", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"name": "24650", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24650"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-09.html"}, {"name": "25588", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25588"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-1103"}, {"name": "1017726", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017726"}, {"name": "SUSE-SA:2007:019", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"}, {"name": "SUSE-SA:2007:022", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"}, {"name": "ADV-2007-0823", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0823"}, {"name": "SSRT061181", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"name": "RHSA-2007:0097", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"}, {"name": "20070301-01-P", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"}, {"name": "24455", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24455"}, {"name": "20070202-01-P", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"}, {"name": "SSA:2007-066-05", "tags": ["vendor-advisory", "x_refsource_SLACKWARE"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131"}, {"name": "22826", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22826"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:43:21.606Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2007:0078", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"}, {"name": "oval:org.mitre.oval:def:9749", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749"}, {"name": "24395", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24395"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733"}, {"name": "SSA:2007-066-03", "tags": ["vendor-advisory", "x_refsource_SLACKWARE", "x_transferred"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851"}, {"name": "24384", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24384"}, {"name": "24457", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24457"}, {"name": "DSA-1336", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2007/dsa-1336"}, {"name": "HPSBUX02153", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"name": "24650", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24650"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-09.html"}, {"name": "25588", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25588"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-1103"}, {"name": "1017726", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017726"}, {"name": "SUSE-SA:2007:019", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"}, {"name": "SUSE-SA:2007:022", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"}, {"name": "ADV-2007-0823", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0823"}, {"name": "SSRT061181", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"name": "RHSA-2007:0097", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"}, {"name": "20070301-01-P", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"}, {"name": "24455", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24455"}, {"name": "20070202-01-P", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"}, {"name": "SSA:2007-066-05", "tags": ["vendor-advisory", "x_refsource_SLACKWARE", "x_transferred"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131"}, {"name": "22826", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22826"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-0994", "datePublished": "2007-03-06T00:00:00", "dateReserved": "2007-02-16T00:00:00", "dateUpdated": "2024-08-07T12:43:21.606Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2007-03-02T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-10-10T00:57:01 (string)

orgId : 53f830b8-0a3f-465b-8143-3b8a9948e749 (string)

shortName : redhat (string)

}

references : [ »

0 : { »

name : RHSA-2007:0078 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0078.html (string)

}

1 : { »

name : oval:org.mitre.oval:def:9749 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749 (string)

}

2 : { »

name : 24395 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/24395 (string)

}

3 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733 (string)

}

4 : { »

name : SSA:2007-066-03 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SLACKWARE (string)

]

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851 (string)

}

5 : { »

name : 24384 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/24384 (string)

}

6 : { »

name : 24457 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/24457 (string)

}

7 : { »

name : DSA-1336 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

]

url : http://www.debian.org/security/2007/dsa-1336 (string)

}

8 : { »

name : HPSBUX02153 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 (string)

}

9 : { »

name : 24650 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/24650 (string)

}

10 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.mozilla.org/security/announce/2007/mfsa2007-09.html (string)

}

11 : { »

name : 25588 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25588 (string)

}

12 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://issues.rpath.com/browse/RPL-1103 (string)

}

13 : { »

name : 1017726 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://securitytracker.com/id?1017726 (string)

}

14 : { »

name : SUSE-SA:2007:019 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html (string)

}

15 : { »

name : SUSE-SA:2007:022 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://www.novell.com/linux/security/advisories/2007_22_mozilla.html (string)

}

16 : { »

name : ADV-2007-0823 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2007/0823 (string)

}

17 : { »

name : SSRT061181 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 (string)

}

18 : { »

name : RHSA-2007:0097 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0097.html (string)

}

19 : { »

name : 20070301-01-P (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SGI (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc (string)

}

20 : { »

name : 24455 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/24455 (string)

}

21 : { »

name : 20070202-01-P (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SGI (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc (string)

}

22 : { »

name : SSA:2007-066-05 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SLACKWARE (string)

]

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131 (string)

}

23 : { »

name : 22826 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/22826 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T12:43:21.606Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : RHSA-2007:0078 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0078.html (string)

}

1 : { »

name : oval:org.mitre.oval:def:9749 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

3 : x_transferred (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749 (string)

}

2 : { »

name : 24395 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/24395 (string)

}

3 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733 (string)

}

4 : { »

name : SSA:2007-066-03 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SLACKWARE (string)

2 : x_transferred (string)

]

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851 (string)

}

5 : { »

name : 24384 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/24384 (string)

}

6 : { »

name : 24457 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/24457 (string)

}

7 : { »

name : DSA-1336 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

2 : x_transferred (string)

]

url : http://www.debian.org/security/2007/dsa-1336 (string)

}

8 : { »

name : HPSBUX02153 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

2 : x_transferred (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 (string)

}

9 : { »

name : 24650 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/24650 (string)

}

10 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.mozilla.org/security/announce/2007/mfsa2007-09.html (string)

}

11 : { »

name : 25588 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25588 (string)

}

12 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://issues.rpath.com/browse/RPL-1103 (string)

}

13 : { »

name : 1017726 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://securitytracker.com/id?1017726 (string)

}

14 : { »

name : SUSE-SA:2007:019 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html (string)

}

15 : { »

name : SUSE-SA:2007:022 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://www.novell.com/linux/security/advisories/2007_22_mozilla.html (string)

}

16 : { »

name : ADV-2007-0823 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2007/0823 (string)

}

17 : { »

name : SSRT061181 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

2 : x_transferred (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 (string)

}

18 : { »

name : RHSA-2007:0097 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0097.html (string)

}

19 : { »

name : 20070301-01-P (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SGI (string)

2 : x_transferred (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc (string)

}

20 : { »

name : 24455 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/24455 (string)

}

21 : { »

name : 20070202-01-P (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SGI (string)

2 : x_transferred (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc (string)

}

22 : { »

name : SSA:2007-066-05 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SLACKWARE (string)

2 : x_transferred (string)

]

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131 (string)

}

23 : { »

name : 22826 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/22826 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 53f830b8-0a3f-465b-8143-3b8a9948e749 (string)

assignerShortName : redhat (string)

cveId : CVE-2007-0994 (string)

datePublished : 2007-03-06T00:00:00 (string)

dateReserved : 2007-02-16T00:00:00 (string)

dateUpdated : 2024-08-07T12:43:21.606Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "5EDDD5B2-2356-4A1A-820F-60CF3B638910", "versionEndExcluding": "1.5.0.10", "versionStartIncluding": "1.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "1BAFE9FF-65A4-487A-9D3A-844086DE5F27", "versionEndExcluding": "2.0.0.2", "versionStartIncluding": "2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "matchCriteriaId": "2BA069D6-74C8-4EF7-8D34-ED996398BD5D", "versionEndExcluding": "1.0.8", "versionStartIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "matchCriteriaId": "8123E5CA-6B59-4081-B79A-0FD607EB25B0", "versionEndExcluding": "1.1.1", "versionStartIncluding": "1.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges."}, {"lang": "es", "value": "Un error de regresi\u00f3n en Mozilla Firefox versi\u00f3n 2.x anterior a 2.0.0.2 y versi\u00f3n 1.x anterior a 1.5.0.10, y SeaMonkey versi\u00f3n 1.1 anterior a 1.1.1 y versi\u00f3n 1.0 anterior a 1.0.8, permite a los atacantes remotos ejecutar JavaScript arbitrario como usuario por medio de un mensaje de correo HTML con un javascript: URI en una etiqueta (1) img , (2) enlace o (3) style, que omite las comprobaciones de acceso y ejecuta c\u00f3digo con privilegios de chromo."}], "id": "CVE-2007-0994", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-06T00:19:00.000", "references": [{"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/24384"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/24395"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/24455"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/24457"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/24650"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/25588"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1017726"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2007/dsa-1336"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-09.html"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/22826"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/0823"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "https://issues.rpath.com/browse/RPL-1103"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/24384"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/24395"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/24455"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/24457"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/24650"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/25588"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1017726"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2007/dsa-1336"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-09.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/22826"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/0823"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://issues.rpath.com/browse/RPL-1103"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5EDDD5B2-2356-4A1A-820F-60CF3B638910 (string)

versionEndExcluding : 1.5.0.10 (string)

versionStartIncluding : 1.5 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1BAFE9FF-65A4-487A-9D3A-844086DE5F27 (string)

versionEndExcluding : 2.0.0.2 (string)

versionStartIncluding : 2.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2BA069D6-74C8-4EF7-8D34-ED996398BD5D (string)

versionEndExcluding : 1.0.8 (string)

versionStartIncluding : 1.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 8123E5CA-6B59-4081-B79A-0FD607EB25B0 (string)

versionEndExcluding : 1.1.1 (string)

versionStartIncluding : 1.1 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:* (string)

matchCriteriaId : A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges. (string)

}

1 : { »

lang : es (string)

value : Un error de regresión en Mozilla Firefox versión 2.x anterior a 2.0.0.2 y versión 1.x anterior a 1.5.0.10, y SeaMonkey versión 1.1 anterior a 1.1.1 y versión 1.0 anterior a 1.0.8, permite a los atacantes remotos ejecutar JavaScript arbitrario como usuario por medio de un mensaje de correo HTML con un javascript: URI en una etiqueta (1) img , (2) enlace o (3) style, que omite las comprobaciones de acceso y ejecuta código con privilegios de chromo. (string)

}

]

id : CVE-2007-0994 (string)

lastModified : 2025-04-09T00:30:58.490 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 6.8 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : true (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2007-03-06T00:19:00.000 (string)

references : [ »

0 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Broken Link (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc (string)

}

1 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Broken Link (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc (string)

}

2 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Exploit (string)

1 : Issue Tracking (string)

2 : Patch (string)

3 : Third Party Advisory (string)

]

url : http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733 (string)

}

3 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Broken Link (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 (string)

}

4 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Broken Link (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 (string)

}

5 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Broken Link (string)

]

url : http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html (string)

}

6 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/24384 (string)

}

7 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/24395 (string)

}

8 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/24455 (string)

}

9 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/24457 (string)

}

10 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/24650 (string)

}

11 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25588 (string)

}

12 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://securitytracker.com/id?1017726 (string)

}

13 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131 (string)

}

14 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851 (string)

}

15 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.debian.org/security/2007/dsa-1336 (string)

}

16 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.mozilla.org/security/announce/2007/mfsa2007-09.html (string)

}

17 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.novell.com/linux/security/advisories/2007_22_mozilla.html (string)

}

18 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0078.html (string)

}

19 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0097.html (string)

}

20 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/22826 (string)

}

21 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2007/0823 (string)

}

22 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Broken Link (string)

]

url : https://issues.rpath.com/browse/RPL-1103 (string)

}

23 : { »

source : secalert@redhat.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749 (string)

}

24 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc (string)

}

25 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc (string)

}

26 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Issue Tracking (string)

2 : Patch (string)

3 : Third Party Advisory (string)

]

url : http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733 (string)

}

27 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 (string)

}

28 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 (string)

}

29 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html (string)

}

30 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/24384 (string)

}

31 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/24395 (string)

}

32 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/24455 (string)

}

33 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/24457 (string)

}

34 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/24650 (string)

}

35 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25588 (string)

}

36 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://securitytracker.com/id?1017726 (string)

}

37 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131 (string)

}

38 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851 (string)

}

39 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.debian.org/security/2007/dsa-1336 (string)

}

40 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.mozilla.org/security/announce/2007/mfsa2007-09.html (string)

}

41 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.novell.com/linux/security/advisories/2007_22_mozilla.html (string)

}

42 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0078.html (string)

}

43 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0097.html (string)

}

44 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/22826 (string)

}

45 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2007/0823 (string)

}

46 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : https://issues.rpath.com/browse/RPL-1103 (string)

}

47 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749 (string)

}

]

sourceIdentifier : secalert@redhat.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-94 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2007:0077", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "package": "seamonkey-0:1.0.8-0.2.el2", "product_name": "Red Hat Enterprise Linux 2.1", "release_date": "2007-02-24T00:00:00Z"}, {"advisory": "RHSA-2007:0077", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "seamonkey-0:1.0.8-0.2.el3", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2007-02-24T00:00:00Z"}, {"advisory": "RHSA-2007:0077", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "devhelp-0:0.10-0.7.el4", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2007-02-24T00:00:00Z"}, {"advisory": "RHSA-2007:0077", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "seamonkey-0:1.0.8-0.2.el4", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2007-02-24T00:00:00Z"}, {"advisory": "RHSA-2007:0079", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "firefox-0:1.5.0.10-0.1.el4", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2007-02-23T00:00:00Z"}, {"advisory": "RHSA-2007:0097", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "devhelp-0:0.12-10.0.1.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2007-03-14T00:00:00Z"}, {"advisory": "RHSA-2007:0097", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "firefox-0:1.5.0.10-2.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2007-03-14T00:00:00Z"}, {"advisory": "RHSA-2007:0097", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "yelp-0:2.16.0-14.0.1.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2007-03-14T00:00:00Z"}], "bugzilla": {"description": "security flaw", "id": "1618286", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618286"}, "csaw": false, "details": ["A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges."], "name": "CVE-2007-0994", "public_date": "2007-03-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2007-0994\nhttps://nvd.nist.gov/vuln/detail/CVE-2007-0994"], "threat_severity": "Critical"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2007:0077 (string)

cpe : cpe:/o:redhat:enterprise_linux:2.1 (string)

package : seamonkey-0:1.0.8-0.2.el2 (string)

product_name : Red Hat Enterprise Linux 2.1 (string)

release_date : 2007-02-24T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2007:0077 (string)

cpe : cpe:/o:redhat:enterprise_linux:3 (string)

package : seamonkey-0:1.0.8-0.2.el3 (string)

product_name : Red Hat Enterprise Linux 3 (string)

release_date : 2007-02-24T00:00:00Z (string)

}

2 : { »

advisory : RHSA-2007:0077 (string)

cpe : cpe:/o:redhat:enterprise_linux:4 (string)

package : devhelp-0:0.10-0.7.el4 (string)

product_name : Red Hat Enterprise Linux 4 (string)

release_date : 2007-02-24T00:00:00Z (string)

}

3 : { »

advisory : RHSA-2007:0077 (string)

cpe : cpe:/o:redhat:enterprise_linux:4 (string)

package : seamonkey-0:1.0.8-0.2.el4 (string)

product_name : Red Hat Enterprise Linux 4 (string)

release_date : 2007-02-24T00:00:00Z (string)

}

4 : { »

advisory : RHSA-2007:0079 (string)

cpe : cpe:/o:redhat:enterprise_linux:4 (string)

package : firefox-0:1.5.0.10-0.1.el4 (string)

product_name : Red Hat Enterprise Linux 4 (string)

release_date : 2007-02-23T00:00:00Z (string)

}

5 : { »

advisory : RHSA-2007:0097 (string)

cpe : cpe:/o:redhat:enterprise_linux:5 (string)

package : devhelp-0:0.12-10.0.1.el5 (string)

product_name : Red Hat Enterprise Linux 5 (string)

release_date : 2007-03-14T00:00:00Z (string)

}

6 : { »

advisory : RHSA-2007:0097 (string)

cpe : cpe:/o:redhat:enterprise_linux:5 (string)

package : firefox-0:1.5.0.10-2.el5 (string)

product_name : Red Hat Enterprise Linux 5 (string)

release_date : 2007-03-14T00:00:00Z (string)

}

7 : { »

advisory : RHSA-2007:0097 (string)

cpe : cpe:/o:redhat:enterprise_linux:5 (string)

package : yelp-0:2.16.0-14.0.1.el5 (string)

product_name : Red Hat Enterprise Linux 5 (string)

release_date : 2007-03-14T00:00:00Z (string)

}

]

bugzilla : { »

description : security flaw (string)

id : 1618286 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=1618286 (string)

}

csaw : false (boolean)

details : [ »

0 : A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges. (string)

]

name : CVE-2007-0994 (string)

public_date : 2007-03-05T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2007-0994 https://nvd.nist.gov/vuln/detail/CVE-2007-0994 (string)

]

threat_severity : Critical (string)

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object