CVE-2007-0994: Code Injection
First published: Tue Mar 06 2007(Updated: )
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Firefox | >=1.5<1.5.0.10 | |
| Firefox | >=2.0<2.0.0.2 | |
| Mozilla SeaMonkey | >=1.1<1.1.1 | |
| Mozilla SeaMonkey | >=1.0<1.0.8 | |
| Debian Linux | =3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.redhat.com/support/errata/RHSA-2007-0078.html
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733
- https://issues.rpath.com/browse/RPL-1103
- http://www.mozilla.org/security/announce/2007/mfsa2007-09.html
- http://www.redhat.com/support/errata/RHSA-2007-0097.html
- http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
- http://www.securityfocus.com/bid/22826
- http://securitytracker.com/id?1017726
- http://secunia.com/advisories/24395
- http://secunia.com/advisories/24384
- http://secunia.com/advisories/24650
- http://www.debian.org/security/2007/dsa-1336
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
- http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
- http://secunia.com/advisories/24455
- http://secunia.com/advisories/24457
- http://secunia.com/advisories/25588
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
- http://www.vupen.com/english/advisories/2007/0823
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749
Frequently Asked Questions
What is the severity of CVE-2007-0994?
CVE-2007-0994 has been classified as critical due to its ability to allow remote attackers to execute arbitrary JavaScript.
How do I fix CVE-2007-0994?
To fix CVE-2007-0994, users should update Mozilla Firefox to version 2.0.0.2 or later, or SeaMonkey to version 1.1.1 or later.
Which software is affected by CVE-2007-0994?
CVE-2007-0994 affects Mozilla Firefox versions prior to 2.0.0.2 and 1.x prior to 1.5.0.10, and SeaMonkey versions prior to 1.1.1 and 1.0.8.
Can CVE-2007-0994 affect Debian systems?
Yes, CVE-2007-0994 can affect Debian GNU/Linux versions specifically version 3.1.
What types of tags are exploited in CVE-2007-0994?
CVE-2007-0994 exploits javascript: URIs in img, link, or style tags within HTML mail messages.
- agent/type
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/mozilla
- canonical/firefox
- version/firefox/1.5
- version/firefox/2.0
- canonical/mozilla seamonkey
- version/mozilla seamonkey/1.1
- version/mozilla seamonkey/1.0
- vendor/debian
- canonical/debian linux
- version/debian linux/3.1