ID CVE-2007-2871
Summary Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allow remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other attacks.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 16-10-2018 - 16:46)
Impact: 2.9
Exploitability: 8.6
CWE NVD-CWE-Other
CAPEC
Access
  Vector          NETWORK
  Complexity      MEDIUM
  Authentication  NONE
Impact
  Confidentiality NONE
  Integrity       PARTIAL
  Availability    NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
oval via4
accepted 2013-04-29T04:14:01.113-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other attacks.
family unix
id oval:org.mitre.oval:def:11433
status accepted
submitted 2010-07-09T03:56:16-04:00
title Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other attacks.
version 30
redhat via4
advisories
  • bugzilla
    id 1618370
    title CVE-2007-2870 security flaw
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304025
      • comment firefox is earlier than 0:1.5.0.12-0.1.el4
        oval oval:com.redhat.rhsa:tst:20070400001
      • comment firefox is signed with Red Hat master key
        oval oval:com.redhat.rhsa:tst:20060200002
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment devhelp is earlier than 0:0.12-11.el5
            oval oval:com.redhat.rhsa:tst:20070400004
          • comment devhelp is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070097002
        • AND
          • comment devhelp-devel is earlier than 0:0.12-11.el5
            oval oval:com.redhat.rhsa:tst:20070400006
          • comment devhelp-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070097004
        • AND
          • comment firefox is earlier than 0:1.5.0.12-1.el5
            oval oval:com.redhat.rhsa:tst:20070400008
          • comment firefox is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070097008
        • AND
          • comment yelp is earlier than 0:2.16.0-15.el5
            oval oval:com.redhat.rhsa:tst:20070400010
          • comment yelp is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070097006
    rhsa
    id RHSA-2007:0400
    released 2007-05-31
    severity Critical
    title RHSA-2007:0400: firefox security update (Critical)
  • bugzilla
    id 1618369
    title CVE-2007-2868 security flaw
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304025
      • comment thunderbird is earlier than 0:1.5.0.12-0.1.el4
        oval oval:com.redhat.rhsa:tst:20070401001
      • comment thunderbird is signed with Red Hat master key
        oval oval:com.redhat.rhsa:tst:20060330002
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • comment thunderbird is earlier than 0:1.5.0.12-1.el5
        oval oval:com.redhat.rhsa:tst:20070401004
      • comment thunderbird is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20070108002
    rhsa
    id RHSA-2007:0401
    released 2007-05-31
    severity Critical
    title RHSA-2007:0401: thunderbird security update (Critical)
  • bugzilla
    id 1618370
    title CVE-2007-2870 security flaw
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304025
      • OR
        • AND
          • comment seamonkey is earlier than 0:1.0.9-2.el4
            oval oval:com.redhat.rhsa:tst:20070402001
          • comment seamonkey is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060609002
        • AND
          • comment seamonkey-chat is earlier than 0:1.0.9-2.el4
            oval oval:com.redhat.rhsa:tst:20070402003
          • comment seamonkey-chat is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060609004
        • AND
          • comment seamonkey-devel is earlier than 0:1.0.9-2.el4
            oval oval:com.redhat.rhsa:tst:20070402005
          • comment seamonkey-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060609006
        • AND
          • comment seamonkey-dom-inspector is earlier than 0:1.0.9-2.el4
            oval oval:com.redhat.rhsa:tst:20070402007
          • comment seamonkey-dom-inspector is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060609008
        • AND
          • comment seamonkey-js-debugger is earlier than 0:1.0.9-2.el4
            oval oval:com.redhat.rhsa:tst:20070402009
          • comment seamonkey-js-debugger is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060609010
        • AND
          • comment seamonkey-mail is earlier than 0:1.0.9-2.el4
            oval oval:com.redhat.rhsa:tst:20070402011
          • comment seamonkey-mail is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060609012
        • AND
          • comment devhelp is earlier than 0:0.10-0.8.el4
            oval oval:com.redhat.rhsa:tst:20070402013
          • comment devhelp is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060329002
        • AND
          • comment devhelp-devel is earlier than 0:0.10-0.8.el4
            oval oval:com.redhat.rhsa:tst:20070402015
          • comment devhelp-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060329004
    rhsa
    id RHSA-2007:0402
    released 2007-05-31
    severity Critical
    title RHSA-2007:0402: seamonkey security update (Critical)
rpms
  • devhelp-0:0.12-11.el5
  • devhelp-debuginfo-0:0.12-11.el5
  • devhelp-devel-0:0.12-11.el5
  • firefox-0:1.5.0.12-0.1.el4
  • firefox-0:1.5.0.12-1.el5
  • firefox-debuginfo-0:1.5.0.12-0.1.el4
  • firefox-debuginfo-0:1.5.0.12-1.el5
  • yelp-0:2.16.0-15.el5
  • yelp-debuginfo-0:2.16.0-15.el5
  • thunderbird-0:1.5.0.12-0.1.el4
  • thunderbird-0:1.5.0.12-1.el5
  • thunderbird-debuginfo-0:1.5.0.12-0.1.el4
  • thunderbird-debuginfo-0:1.5.0.12-1.el5
  • devhelp-0:0.10-0.8.el4
  • devhelp-debuginfo-0:0.10-0.8.el4
  • devhelp-devel-0:0.10-0.8.el4
  • seamonkey-0:1.0.9-0.1.el2
  • seamonkey-0:1.0.9-0.1.el3
  • seamonkey-0:1.0.9-2.el4
  • seamonkey-chat-0:1.0.9-0.1.el2
  • seamonkey-chat-0:1.0.9-0.1.el3
  • seamonkey-chat-0:1.0.9-2.el4
  • seamonkey-debuginfo-0:1.0.9-0.1.el3
  • seamonkey-debuginfo-0:1.0.9-2.el4
  • seamonkey-devel-0:1.0.9-0.1.el2
  • seamonkey-devel-0:1.0.9-0.1.el3
  • seamonkey-devel-0:1.0.9-2.el4
  • seamonkey-dom-inspector-0:1.0.9-0.1.el2
  • seamonkey-dom-inspector-0:1.0.9-0.1.el3
  • seamonkey-dom-inspector-0:1.0.9-2.el4
  • seamonkey-js-debugger-0:1.0.9-0.1.el2
  • seamonkey-js-debugger-0:1.0.9-0.1.el3
  • seamonkey-js-debugger-0:1.0.9-2.el4
  • seamonkey-mail-0:1.0.9-0.1.el2
  • seamonkey-mail-0:1.0.9-0.1.el3
  • seamonkey-mail-0:1.0.9-2.el4
  • seamonkey-nspr-0:1.0.9-0.1.el2
  • seamonkey-nspr-0:1.0.9-0.1.el3
  • seamonkey-nspr-devel-0:1.0.9-0.1.el2
  • seamonkey-nspr-devel-0:1.0.9-0.1.el3
  • seamonkey-nss-0:1.0.9-0.1.el2
  • seamonkey-nss-0:1.0.9-0.1.el3
  • seamonkey-nss-devel-0:1.0.9-0.1.el2
  • seamonkey-nss-devel-0:1.0.9-0.1.el3
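The Red Hat OVAL criteria above reduce to "package X is earlier than epoch:version-release Y", which is an RPM EVR comparison, not a plain string or float comparison. The following is an added example, not Red Hat's or the OVAL project's code: it implements rpm's segment-wise version ordering (without the newer tilde/caret rules), compares EVR triples epoch-first, and walks `rpm -qa` output against the fixed builds for RHEL 4 and 5 taken from the OVAL tests above. The `FIXED` table, the function names and the sample `rpm -qa` output are this example's own; the sample is constructed, not captured from a host.

```python
"""Check installed RPM EVRs against the fixed builds from RHSA-2007:0400/0401/0402 (added example)."""
import re

# Fixed epoch:version-release builds copied from the OVAL criteria on this page,
# keyed by package name and RHEL dist tag. Hand-built table, not vendor data.
FIXED = {
    ("firefox", "el4"): "0:1.5.0.12-0.1.el4",
    ("firefox", "el5"): "0:1.5.0.12-1.el5",
    ("thunderbird", "el4"): "0:1.5.0.12-0.1.el4",
    ("thunderbird", "el5"): "0:1.5.0.12-1.el5",
    ("seamonkey", "el4"): "0:1.0.9-2.el4",
}

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a: str, b: str) -> int:
    """Order version/release strings like rpm's rpmvercmp (tilde/caret rules omitted).

    Returns -1, 0 or 1. Segments are runs of digits or letters, separators are
    ignored, numeric segments compare as integers and beat alphabetic ones, and
    when all shared segments tie the string with segments left over is newer.
    """
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = x.lstrip("0"), y.lstrip("0")          # integer compare, any length
            if (len(x), x) != (len(y), y):
                return 1 if (len(x), x) > (len(y), y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1              # numeric beats alphabetic
        elif x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def parse_evr(evr: str):
    """'0:1.5.0.12-0.1.el4' -> (0, '1.5.0.12', '0.1.el4'); a missing epoch counts as 0."""
    epoch = "0"
    if ":" in evr:
        epoch, evr = evr.split(":", 1)
    version, sep, release = evr.rpartition("-")
    if not sep:                                          # no release part at all
        version, release = release, ""
    return int(epoch), version, release


def evr_cmp(a: str, b: str) -> int:
    """Epoch first, then version, then release."""
    ea, va, ra = parse_evr(a)
    eb, vb, rb = parse_evr(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def is_earlier(installed: str, fixed: str) -> bool:
    """The OVAL 'is earlier than' test: installed EVR sorts before the fixed EVR."""
    return evr_cmp(installed, fixed) < 0


def vulnerable_packages(rpm_qa_output: str) -> list:
    r"""Walk output of rpm -qa --qf '%{NAME} %{EPOCH}:%{VERSION}-%{RELEASE}\n' and
    return (name, installed_evr, fixed_evr) for each package older than its fix."""
    hits = []
    for line in rpm_qa_output.splitlines():
        if not line.strip():
            continue
        name, evr = line.split()
        evr = evr.replace("(none):", "0:")               # rpm prints (none) for an unset epoch
        dist = re.search(r"\.(el\d+)$", evr)
        fixed = FIXED.get((name, dist.group(1))) if dist else None
        if fixed and is_earlier(evr, fixed):
            hits.append((name, evr, fixed))
    return hits


# Constructed sample output, not captured from a real host.
SAMPLE_RPM_QA = """\
firefox (none):1.5.0.10-0.1.el4
thunderbird 0:1.5.0.12-0.1.el4
seamonkey (none):1.0.9-0.1.el4
bash (none):3.0-19.6.el4
firefox 0:1.5.0.12-1.el5
"""

if __name__ == "__main__":
    for name, have, need in vulnerable_packages(SAMPLE_RPM_QA):
        print(f"{name}: installed {have}, fixed in {need}")
```

This covers only the version half of each OVAL criterion; the paired "signed with Red Hat ... key" tests are a separate signature check that a version comparison cannot stand in for, so a locally rebuilt package with a higher EVR would pass here but not the full definition.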
refmap via4
bid 24242
bugtraq 20070531 FLEA-2007-0023-1: firefox
cert TA07-151A
confirm
debian
  • DSA-1300
  • DSA-1306
  • DSA-1308
gentoo GLSA-200706-06
hp
  • HPSBUX02153
  • SSRT061181
mandriva
  • MDKSA-2007:120
  • MDKSA-2007:126
osvdb 35137
sectrack
  • 1018155
  • 1018156
secunia
  • 25469
  • 25476
  • 25488
  • 25490
  • 25491
  • 25533
  • 25534
  • 25559
  • 25635
  • 25647
  • 25685
  • 25750
  • 25858
slackware SSA:2007-152-02
suse SUSE-SA:2007:036
ubuntu USN-468-1
vupen ADV-2007-1994
xf mozilla-xulpopups-spoofing(34606)
Last major update 16-10-2018 - 16:46
Published 01-06-2007 - 00:30
Last modified 16-10-2018 - 16:46