ID CVE-2007-0996
Summary The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
CVSS
Base: 5.8 (as of 16-10-2018 - 16:36)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:N
oval via4
accepted 2013-04-29T04:01:25.271-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.
family unix
id oval:org.mitre.oval:def:10086
status accepted
submitted 2010-07-09T03:56:16-04:00
title The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.
version 30
redhat via4
advisories
  • bugzilla
    id 1618288
    title CVE-2007-0996 security flaw
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment devhelp is earlier than 0:0.12-10.0.1.el5
            oval oval:com.redhat.rhsa:tst:20070097001
          • comment devhelp is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070097002
        • AND
          • comment devhelp-devel is earlier than 0:0.12-10.0.1.el5
            oval oval:com.redhat.rhsa:tst:20070097003
          • comment devhelp-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070097004
        • AND
          • comment yelp is earlier than 0:2.16.0-14.0.1.el5
            oval oval:com.redhat.rhsa:tst:20070097005
          • comment yelp is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070097006
        • AND
          • comment firefox is earlier than 0:1.5.0.10-2.el5
            oval oval:com.redhat.rhsa:tst:20070097007
          • comment firefox is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070097008
    rhsa
    id RHSA-2007:0097
    released 2007-03-14
    severity Critical
    title RHSA-2007:0097: firefox security update (Critical)
  • rhsa
    id RHSA-2007:0077
  • rhsa
    id RHSA-2007:0078
  • rhsa
    id RHSA-2007:0079
  • rhsa
    id RHSA-2007:0108
rpms
  • devhelp-0:0.10-0.7.el4
  • devhelp-debuginfo-0:0.10-0.7.el4
  • devhelp-devel-0:0.10-0.7.el4
  • seamonkey-0:1.0.8-0.2.el2
  • seamonkey-0:1.0.8-0.2.el3
  • seamonkey-0:1.0.8-0.2.el4
  • seamonkey-chat-0:1.0.8-0.2.el2
  • seamonkey-chat-0:1.0.8-0.2.el3
  • seamonkey-chat-0:1.0.8-0.2.el4
  • seamonkey-debuginfo-0:1.0.8-0.2.el3
  • seamonkey-debuginfo-0:1.0.8-0.2.el4
  • seamonkey-devel-0:1.0.8-0.2.el2
  • seamonkey-devel-0:1.0.8-0.2.el3
  • seamonkey-devel-0:1.0.8-0.2.el4
  • seamonkey-dom-inspector-0:1.0.8-0.2.el2
  • seamonkey-dom-inspector-0:1.0.8-0.2.el3
  • seamonkey-dom-inspector-0:1.0.8-0.2.el4
  • seamonkey-js-debugger-0:1.0.8-0.2.el2
  • seamonkey-js-debugger-0:1.0.8-0.2.el3
  • seamonkey-js-debugger-0:1.0.8-0.2.el4
  • seamonkey-mail-0:1.0.8-0.2.el2
  • seamonkey-mail-0:1.0.8-0.2.el3
  • seamonkey-mail-0:1.0.8-0.2.el4
  • seamonkey-nspr-0:1.0.8-0.2.el2
  • seamonkey-nspr-0:1.0.8-0.2.el3
  • seamonkey-nspr-devel-0:1.0.8-0.2.el2
  • seamonkey-nspr-devel-0:1.0.8-0.2.el3
  • seamonkey-nss-0:1.0.8-0.2.el2
  • seamonkey-nss-0:1.0.8-0.2.el3
  • seamonkey-nss-devel-0:1.0.8-0.2.el2
  • seamonkey-nss-devel-0:1.0.8-0.2.el3
  • thunderbird-0:1.5.0.10-0.1.el4
  • thunderbird-debuginfo-0:1.5.0.10-0.1.el4
  • firefox-0:1.5.0.10-0.1.el4
  • firefox-debuginfo-0:1.5.0.10-0.1.el4
  • devhelp-0:0.12-10.0.1.el5
  • devhelp-debuginfo-0:0.12-10.0.1.el5
  • devhelp-devel-0:0.12-10.0.1.el5
  • firefox-0:1.5.0.10-2.el5
  • firefox-debuginfo-0:1.5.0.10-2.el5
  • yelp-0:2.16.0-14.0.1.el5
  • yelp-debuginfo-0:2.16.0-14.0.1.el5
  • thunderbird-0:1.5.0.10-1.el5
  • thunderbird-debuginfo-0:1.5.0.10-1.el5
refmap via4
bid 22694
bugtraq
  • 20070223 Advisory 03/2007: Multiple Browsers Cross Domain Charset Inheritance Vulnerability
  • 20070226 rPSA-2007-0040-1 firefox
confirm
debian DSA-1336
fedora
  • FEDORA-2007-281
  • FEDORA-2007-293
hp
  • HPSBUX02153
  • SSRT061181
mandriva MDKSA-2007:050
misc http://www.hardened-php.net/advisory_032007.142.html
osvdb 33812
sectrack 1017702
secunia
  • 24205
  • 24287
  • 24290
  • 24320
  • 24328
  • 24333
  • 24342
  • 24343
  • 24384
  • 24395
  • 24455
  • 24457
  • 24650
  • 25588
sgi
  • 20070202-01-P
  • 20070301-01-P
slackware
  • SSA:2007-066-03
  • SSA:2007-066-05
suse
  • SUSE-SA:2007:019
  • SUSE-SA:2007:022
ubuntu USN-428-1
vupen ADV-2007-0718
Last major update 16-10-2018 - 16:36
Published 27-02-2007 - 02:28
Last modified 16-10-2018 - 16:36
Back to Top