7.5

CVE-2007-0981

Exploit

EPSS 18.02%
Veröffentlicht 16.02.2007 01:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 60

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version <= 1.5.0.9

Mozilla ≫ Firefox Version0.8

Mozilla ≫ Firefox Version0.9

Mozilla ≫ Firefox Version0.9 Updaterc

Mozilla ≫ Firefox Version0.9.1

Mozilla ≫ Firefox Version0.9.2

Mozilla ≫ Firefox Version0.9.3

Mozilla ≫ Firefox Version0.10

Mozilla ≫ Firefox Version0.10.1

Mozilla ≫ Firefox Version1.0

Mozilla ≫ Firefox Version1.0.1

Mozilla ≫ Firefox Version1.0.2

Mozilla ≫ Firefox Version1.0.3

Mozilla ≫ Firefox Version1.0.4

Mozilla ≫ Firefox Version1.0.5

Mozilla ≫ Firefox Version1.0.6

Mozilla ≫ Firefox Version1.0.6 Editionlinux

Mozilla ≫ Firefox Version1.0.7

Mozilla ≫ Firefox Version1.0.8

Mozilla ≫ Firefox Version1.5

Mozilla ≫ Firefox Version1.5 Updatebeta1

Mozilla ≫ Firefox Version1.5 Updatebeta2

Mozilla ≫ Firefox Version1.5.0.1

Mozilla ≫ Firefox Version1.5.0.2

Mozilla ≫ Firefox Version1.5.0.3

Mozilla ≫ Firefox Version1.5.0.4

Mozilla ≫ Firefox Version1.5.0.5

Mozilla ≫ Firefox Version1.5.0.6

Mozilla ≫ Firefox Version1.5.0.7

Mozilla ≫ Firefox Version1.5.0.8

Mozilla ≫ Firefox Version1.5.1

Mozilla ≫ Firefox Version1.5.2

Mozilla ≫ Firefox Version1.5.3

Mozilla ≫ Firefox Version1.5.4

Mozilla ≫ Firefox Version1.5.5

Mozilla ≫ Firefox Version1.5.6

Mozilla ≫ Firefox Version1.5.7

Mozilla ≫ Firefox Version1.5.8

Mozilla ≫ Firefox Version2.0

Mozilla ≫ Firefox Version2.0 Updatebeta_1

Mozilla ≫ Firefox Version2.0 Updaterc3

Mozilla ≫ Firefox Version2.0.0.1

Mozilla ≫ Firefox Versionpreview_release

Mozilla ≫ Seamonkey Version <= 1.0.7

Mozilla ≫ Seamonkey Version1.0

Mozilla ≫ Seamonkey Version1.0.1

Mozilla ≫ Seamonkey Version1.0.2

Mozilla ≫ Seamonkey Version1.0.3

Mozilla ≫ Seamonkey Version1.0.4

Mozilla ≫ Seamonkey Version1.0.5

Mozilla ≫ Seamonkey Version1.0.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	18.02%	0.949

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.vupen.com/english/advisories/2008/0083

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc

ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc

http://fedoranews.org/cms/node/2713

http://fedoranews.org/cms/node/2728

http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html

http://rhn.redhat.com/errata/RHSA-2007-0077.html

Vendor Advisory

http://secunia.com/advisories/24205

Vendor Advisory

http://secunia.com/advisories/24238

Vendor Advisory

http://secunia.com/advisories/24287

Vendor Advisory

http://secunia.com/advisories/24290

Vendor Advisory

http://secunia.com/advisories/24293

Vendor Advisory

http://secunia.com/advisories/24320

Vendor Advisory

http://secunia.com/advisories/24328

Vendor Advisory

http://secunia.com/advisories/24333

Vendor Advisory

http://secunia.com/advisories/24342

Vendor Advisory

http://secunia.com/advisories/24343

Vendor Advisory

http://secunia.com/advisories/24384

Vendor Advisory

http://secunia.com/advisories/24393

Vendor Advisory

http://secunia.com/advisories/24395

Vendor Advisory

http://secunia.com/advisories/24437

Vendor Advisory

http://secunia.com/advisories/24457

Vendor Advisory

http://secunia.com/advisories/24650

Vendor Advisory

http://secunia.com/advisories/25588

http://security.gentoo.org/glsa/glsa-200703-04.xml

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131

http://www.debian.org/security/2007/dsa-1336

http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml

http://www.mandriva.com/security/advisories?name=MDKSA-2007:050

http://www.novell.com/linux/security/advisories/2007_22_mozilla.html

http://www.redhat.com/support/errata/RHSA-2007-0078.html

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2007-0079.html

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2007-0097.html

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2007-0108.html

Vendor Advisory

http://www.securityfocus.com/archive/1/461336/100/0/threaded

http://www.securityfocus.com/archive/1/461809/100/0/threaded

http://www.ubuntu.com/usn/usn-428-1

http://www.vupen.com/english/advisories/2007/0718

https://issues.rpath.com/browse/RPL-1081

https://issues.rpath.com/browse/RPL-1103

http://lcamtuf.dione.cc/ffhostname.html

Exploit

http://secunia.com/advisories/24175

Vendor Advisory

http://secunia.com/advisories/24455

Vendor Advisory

http://securityreason.com/securityalert/2262

http://securitytracker.com/id?1017654

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851

http://www.kb.cert.org/vuls/id/885753

US Government Resource

http://www.mozilla.org/security/announce/2007/mfsa2007-07.html

http://www.osvdb.org/32104

http://www.securityfocus.com/archive/1/460126/100/200/threaded

http://www.securityfocus.com/archive/1/460217/100/0/threaded

http://www.securityfocus.com/bid/22566

http://www.vupen.com/english/advisories/2007/0624

https://bugzilla.mozilla.org/show_bug.cgi?id=370445

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/32533

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9730

https://nvd.nist.gov/vuln/detail/CVE-2007-0981

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0981

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0981

EUVD