FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-3737

This CVE name corresponds to:

Entered Topic
2007-07-19 mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-3737 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-3737
Phase Assigned(20070712)

Description

Mozilla Firefox before 2.0.0.5 allows remote attackers to execute arbitrary code with chrome privileges by calling an event handler from an unspecified "element outside of a document."

References

Source Reference
BUGTRAQ 20070720 rPSA-2007-0148-1 firefox thunderbird
BUGTRAQ 20070724 FLEA-2007-0033-1: firefox thunderbird
CONFIRM http://www.mozilla.org/security/announce/2007/mfsa2007-21.html
CONFIRM ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt
CONFIRM http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html
DEBIAN DSA-1337
DEBIAN DSA-1338
DEBIAN DSA-1339
GENTOO GLSA-200708-09
HP HPSBUX02153
HP SSRT061181
MANDRIVA MDKSA-2007:152
REDHAT RHSA-2007:0722
REDHAT RHSA-2007:0723
REDHAT RHSA-2007:0724
SGI 20070701-01-P
SUNALERT 103177
SUNALERT 201516
SUSE SUSE-SA:2007:049
UBUNTU USN-490-1
BID 24946
OVAL oval:org.mitre.oval:def:10009
VUPEN ADV-2007-2564
VUPEN ADV-2007-4256
SECTRACK 1018409
SECUNIA 26095
SECUNIA 26103
SECUNIA 26106
SECUNIA 26107
SECUNIA 25589
SECUNIA 26179
SECUNIA 26149
SECUNIA 26151
SECUNIA 26072
SECUNIA 26211
SECUNIA 26216
SECUNIA 26204
SECUNIA 26205
SECUNIA 26159
SECUNIA 26271
SECUNIA 26258
SECUNIA 26460
SECUNIA 28135
XF firefox-eventhandler-code-execution(35461)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.