CVE-2007-5334
First published: Sun Oct 21 2007(Updated: )
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla SeaMonkey | <=1.1.4 | |
| Mozilla Firefox | <=2.0.0.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.mozilla.org/show_bug.cgi?id=391043
- http://www.mozilla.org/security/announce/2007/mfsa2007-33.html
- https://issues.rpath.com/browse/RPL-1858
- http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html
- http://www.debian.org/security/2007/dsa-1396
- http://www.debian.org/security/2007/dsa-1401
- http://www.debian.org/security/2007/dsa-1392
- https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html
- https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html
- http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml
- http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202
- http://www.redhat.com/support/errata/RHSA-2007-0979.html
- http://www.redhat.com/support/errata/RHSA-2007-0980.html
- http://www.redhat.com/support/errata/RHSA-2007-0981.html
- http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
- http://www.ubuntu.com/usn/usn-536-1
- http://www.kb.cert.org/vuls/id/349217
- http://www.securityfocus.com/bid/26132
- http://securitytracker.com/id?1018837
- http://secunia.com/advisories/27276
- http://secunia.com/advisories/27325
- http://secunia.com/advisories/27327
- http://secunia.com/advisories/27335
- http://secunia.com/advisories/27356
- http://secunia.com/advisories/27383
- http://secunia.com/advisories/27425
- http://secunia.com/advisories/27403
- http://secunia.com/advisories/27480
- http://secunia.com/advisories/27387
- http://secunia.com/advisories/27298
- http://secunia.com/advisories/27311
- http://secunia.com/advisories/27315
- http://secunia.com/advisories/27336
- http://secunia.com/advisories/27665
- http://secunia.com/advisories/27414
- https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html
- http://secunia.com/advisories/27680
- http://secunia.com/advisories/27360
- http://secunia.com/advisories/28398
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
- http://www.vupen.com/english/advisories/2007/3544
- http://www.vupen.com/english/advisories/2007/3587
- http://www.vupen.com/english/advisories/2008/0083
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37286
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11482
- https://usn.ubuntu.com/535-1/
- http://www.securityfocus.com/archive/1/482932/100/200/threaded
- http://www.securityfocus.com/archive/1/482925/100/0/threaded
- http://www.securityfocus.com/archive/1/482876/100/200/threaded
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/remedy
- agent/weakness
- agent/author
- agent/severity
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/mozilla
- canonical/mozilla seamonkey
- version/mozilla seamonkey/1.1.4
- canonical/mozilla firefox
- version/mozilla firefox/2.0.0.7