New Search

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10 and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8 allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img (2) link or (3) style tag which bypasses the access checks and executes code with chrome privileges.

oval:org.mitre.oval:def:9749

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10 and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8 allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img (2) link or (3) style tag which bypasses the access checks and executes code with chrome privileges.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 5
  • Oracle Linux 4
  • Red Hat Enterprise Linux 3
  • CentOS Linux 3
  • CentOS Linux 4
  • CentOS Linux 5
  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2007-0994
Product(s):