CVE-2007-0779
First published: Mon Feb 26 2007(Updated: )
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | =0.9_rc | |
| Mozilla SeaMonkey | =1.0.3 | |
| Mozilla Firefox | =0.8 | |
| Mozilla Firefox | =1.5-beta2 | |
| Mozilla SeaMonkey | =1.0.1 | |
| Mozilla SeaMonkey | =1.0.6 | |
| Mozilla Firefox | =1.5.0.6 | |
| Mozilla Firefox | =1.5.0.3 | |
| Mozilla SeaMonkey | =1.0 | |
| Mozilla SeaMonkey | =1.0.99 | |
| Mozilla SeaMonkey | =1.0.7 | |
| Mozilla Firefox | =1.0.2 | |
| Mozilla SeaMonkey | =1.0-beta | |
| Mozilla Firefox | =1.5-beta1 | |
| Mozilla Firefox | =1.5 | |
| Mozilla Firefox | =0.9.1 | |
| Mozilla Firefox | =1.0.4 | |
| Mozilla Firefox | =1.0.7 | |
| Mozilla Firefox | =0.10.1 | |
| Mozilla Firefox | =1.5.6 | |
| Mozilla SeaMonkey | =1.0 | |
| Mozilla SeaMonkey | =1.0.2 | |
| Mozilla Firefox | =1.0 | |
| Mozilla Firefox | =1.5.0.7 | |
| Mozilla Firefox | =2.0 | |
| Mozilla Firefox | =1.0.1 | |
| Mozilla SeaMonkey | =1.0.5 | |
| Mozilla Firefox | =1.5.0.8 | |
| Mozilla Firefox | =1.5.0.9 | |
| Mozilla Firefox | =1.5.0.5 | |
| Mozilla Firefox | =1.5.0.2 | |
| Mozilla Firefox | =1.0.3 | |
| Mozilla Firefox | =0.9.3 | |
| Mozilla SeaMonkey | =1.0 | |
| Mozilla Firefox | =2.0-rc2 | |
| Mozilla Firefox | =2.0.0.1 | |
| Mozilla SeaMonkey | =1.0.4 | |
| Mozilla Firefox | =0.9.2 | |
| Mozilla Firefox | =2.0-beta_1 | |
| Mozilla Firefox | =1.5.8 | |
| Mozilla Firefox | =1.5.0.4 | |
| Mozilla Firefox | =1.5.0.1 | |
| Mozilla Firefox | =0.10 | |
| Mozilla Firefox | =1.0.5 | |
| Mozilla Firefox | =2.0-rc3 | |
| Mozilla Firefox | =1.0.6 | |
| Mozilla Firefox | =1.0.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.mozilla.org/security/announce/2007/mfsa2007-04.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=361298
- https://issues.rpath.com/browse/RPL-1081
- https://issues.rpath.com/browse/RPL-1103
- http://fedoranews.org/cms/node/2713
- http://fedoranews.org/cms/node/2728
- http://security.gentoo.org/glsa/glsa-200703-04.xml
- http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml
- http://www.redhat.com/support/errata/RHSA-2007-0079.html
- http://rhn.redhat.com/errata/RHSA-2007-0077.html
- http://www.redhat.com/support/errata/RHSA-2007-0078.html
- http://www.redhat.com/support/errata/RHSA-2007-0097.html
- http://www.redhat.com/support/errata/RHSA-2007-0108.html
- http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
- http://www.ubuntu.com/usn/usn-428-1
- http://www.securityfocus.com/bid/22694
- http://www.securitytracker.com/id?1017700
- http://secunia.com/advisories/24238
- http://secunia.com/advisories/24287
- http://secunia.com/advisories/24290
- http://secunia.com/advisories/24205
- http://secunia.com/advisories/24328
- http://secunia.com/advisories/24333
- http://secunia.com/advisories/24343
- http://secunia.com/advisories/24320
- http://secunia.com/advisories/24293
- http://secunia.com/advisories/24393
- http://secunia.com/advisories/24395
- http://secunia.com/advisories/24384
- http://secunia.com/advisories/24437
- http://secunia.com/advisories/24650
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:050
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
- http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
- http://secunia.com/advisories/24455
- http://secunia.com/advisories/24457
- http://secunia.com/advisories/24342
- http://osvdb.org/32109
- http://www.vupen.com/english/advisories/2008/0083
- http://www.vupen.com/english/advisories/2007/0718
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8757
- http://www.securityfocus.com/archive/1/461809/100/0/threaded
- http://www.securityfocus.com/archive/1/461336/100/0/threaded
- agent/type
- agent/remedy
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/mozilla
- canonical/mozilla firefox
- version/mozilla firefox/0.9_rc
- canonical/mozilla seamonkey
- version/mozilla seamonkey/1.0.3
- version/mozilla firefox/0.8
- version/mozilla firefox/1.5-beta2
- version/mozilla seamonkey/1.0.1
- version/mozilla seamonkey/1.0.6
- version/mozilla firefox/1.5.0.6
- version/mozilla firefox/1.5.0.3
- version/mozilla seamonkey/1.0
- version/mozilla seamonkey/1.0.99
- version/mozilla seamonkey/1.0.7
- version/mozilla firefox/1.0.2
- version/mozilla seamonkey/1.0-beta
- version/mozilla firefox/1.5-beta1
- version/mozilla firefox/1.5
- version/mozilla firefox/0.9.1
- version/mozilla firefox/1.0.4
- version/mozilla firefox/1.0.7
- version/mozilla firefox/0.10.1
- version/mozilla firefox/1.5.6
- version/mozilla seamonkey/1.0.2
- version/mozilla firefox/1.0
- version/mozilla firefox/1.5.0.7
- version/mozilla firefox/2.0
- version/mozilla firefox/1.0.1
- version/mozilla seamonkey/1.0.5
- version/mozilla firefox/1.5.0.8
- version/mozilla firefox/1.5.0.9
- version/mozilla firefox/1.5.0.5
- version/mozilla firefox/1.5.0.2
- version/mozilla firefox/1.0.3
- version/mozilla firefox/0.9.3
- version/mozilla firefox/2.0-rc2
- version/mozilla firefox/2.0.0.1
- version/mozilla seamonkey/1.0.4
- version/mozilla firefox/0.9.2
- version/mozilla firefox/2.0-beta_1
- version/mozilla firefox/1.5.8
- version/mozilla firefox/1.5.0.4
- version/mozilla firefox/1.5.0.1
- version/mozilla firefox/0.10
- version/mozilla firefox/1.0.5
- version/mozilla firefox/2.0-rc3
- version/mozilla firefox/1.0.6
- version/mozilla firefox/1.0.8