CVE-2007-3511
Vulnerability from cvelistv5
Published
2007-07-03 10:00
Modified
2024-08-07 14:21
Severity ?
Summary
The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html
cve@mitre.orghttp://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html
cve@mitre.orghttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
cve@mitre.orghttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
cve@mitre.orghttp://osvdb.org/37994
cve@mitre.orghttp://secunia.com/advisories/25904Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27276Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27298Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27325Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27327Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27335Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27336Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27356Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27383Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27387Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27403Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27414Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27425Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27480Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/27680Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1018837
cve@mitre.orghttp://sla.ckers.org/forum/read.php?3%2C13142
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
cve@mitre.orghttp://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html
cve@mitre.orghttp://www.debian.org/security/2007/dsa-1392
cve@mitre.orghttp://www.debian.org/security/2007/dsa-1396
cve@mitre.orghttp://www.debian.org/security/2007/dsa-1401
cve@mitre.orghttp://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202
cve@mitre.orghttp://www.mozilla.org/security/announce/2007/mfsa2007-32.html
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2007_57_mozilla.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2007-0979.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2007-0980.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2007-0981.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/482876/100/200/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/482925/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/482932/100/200/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/24725
cve@mitre.orghttp://www.ubuntu.com/usn/usn-536-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/3544Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/3587Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/0083Vendor Advisory
cve@mitre.orghttp://yathong.googlepages.com/FirefoxFocusBug.htmlExploit
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/35299
cve@mitre.orghttps://issues.rpath.com/browse/RPL-1858
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763
cve@mitre.orghttps://usn.ubuntu.com/535-1/
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html
af854a3a-2127-422b-91ae-364da2661108http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
af854a3a-2127-422b-91ae-364da2661108http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/37994
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25904Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27276Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27298Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27325Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27327Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27335Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27336Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27356Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27383Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27387Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27403Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27414Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27425Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27480Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27680Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1018837
af854a3a-2127-422b-91ae-364da2661108http://sla.ckers.org/forum/read.php?3%2C13142
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2007/dsa-1392
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2007/dsa-1396
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2007/dsa-1401
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2007/mfsa2007-32.html
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-0979.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-0980.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-0981.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/482876/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/482925/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/482932/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/24725
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-536-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3544Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3587Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0083Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://yathong.googlepages.com/FirefoxFocusBug.htmlExploit
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/35299
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1858
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/535-1/
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html
Impacted products
Vendor Product Version
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T14:21:36.262Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "24725",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/24725",
               },
               {
                  name: "FEDORA-2007-2601",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html",
               },
               {
                  name: "20071026 rPSA-2007-0225-1 firefox",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/482876/100/200/threaded",
               },
               {
                  name: "ADV-2007-3587",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2007/3587",
               },
               {
                  name: "27414",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27414",
               },
               {
                  name: "20071029 FLEA-2007-0062-1 firefox",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/482925/100/0/threaded",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://issues.rpath.com/browse/RPL-1858",
               },
               {
                  name: "firefox-focus-security-bypass(35299)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/35299",
               },
               {
                  name: "HPSBUX02153",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742",
               },
               {
                  name: "27298",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27298",
               },
               {
                  name: "1018837",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://securitytracker.com/id?1018837",
               },
               {
                  name: "27327",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27327",
               },
               {
                  name: "ADV-2007-3544",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2007/3544",
               },
               {
                  name: "27276",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27276",
               },
               {
                  name: "USN-535-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/535-1/",
               },
               {
                  name: "DSA-1401",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2007/dsa-1401",
               },
               {
                  name: "DSA-1392",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2007/dsa-1392",
               },
               {
                  name: "RHSA-2007:0980",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2007-0980.html",
               },
               {
                  name: "27383",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27383",
               },
               {
                  name: "SUSE-SA:2007:057",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html",
               },
               {
                  name: "27356",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27356",
               },
               {
                  name: "RHSA-2007:0981",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2007-0981.html",
               },
               {
                  name: "37994",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://osvdb.org/37994",
               },
               {
                  name: "ADV-2008-0083",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2008/0083",
               },
               {
                  name: "27387",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27387",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://sla.ckers.org/forum/read.php?3%2C13142",
               },
               {
                  name: "FEDORA-2007-3431",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html",
               },
               {
                  name: "27403",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27403",
               },
               {
                  name: "27336",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27336",
               },
               {
                  name: "DSA-1396",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2007/dsa-1396",
               },
               {
                  name: "27425",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27425",
               },
               {
                  name: "20070630 New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities",
                  tags: [
                     "mailing-list",
                     "x_refsource_FULLDISC",
                     "x_transferred",
                  ],
                  url: "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.mozilla.org/security/announce/2007/mfsa2007-32.html",
               },
               {
                  name: "SSRT061181",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742",
               },
               {
                  name: "oval:org.mitre.oval:def:9763",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763",
               },
               {
                  name: "27325",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27325",
               },
               {
                  name: "MDKSA-2007:202",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202",
               },
               {
                  name: "RHSA-2007:0979",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2007-0979.html",
               },
               {
                  name: "27335",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27335",
               },
               {
                  name: "25904",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/25904",
               },
               {
                  name: "FEDORA-2007-2664",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html",
               },
               {
                  name: "27480",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27480",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://yathong.googlepages.com/FirefoxFocusBug.html",
               },
               {
                  name: "27680",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/27680",
               },
               {
                  name: "20070630 Re: New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities",
                  tags: [
                     "mailing-list",
                     "x_refsource_FULLDISC",
                     "x_transferred",
                  ],
                  url: "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html",
               },
               {
                  name: "201516",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUNALERT",
                     "x_transferred",
                  ],
                  url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1",
               },
               {
                  name: "20071029 rPSA-2007-0225-2 firefox thunderbird",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/482932/100/200/threaded",
               },
               {
                  name: "USN-536-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/usn-536-1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2007-06-30T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the \"for\" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-15T20:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "24725",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/24725",
            },
            {
               name: "FEDORA-2007-2601",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html",
            },
            {
               name: "20071026 rPSA-2007-0225-1 firefox",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/482876/100/200/threaded",
            },
            {
               name: "ADV-2007-3587",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2007/3587",
            },
            {
               name: "27414",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27414",
            },
            {
               name: "20071029 FLEA-2007-0062-1 firefox",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/482925/100/0/threaded",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://issues.rpath.com/browse/RPL-1858",
            },
            {
               name: "firefox-focus-security-bypass(35299)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/35299",
            },
            {
               name: "HPSBUX02153",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742",
            },
            {
               name: "27298",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27298",
            },
            {
               name: "1018837",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://securitytracker.com/id?1018837",
            },
            {
               name: "27327",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27327",
            },
            {
               name: "ADV-2007-3544",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2007/3544",
            },
            {
               name: "27276",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27276",
            },
            {
               name: "USN-535-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/535-1/",
            },
            {
               name: "DSA-1401",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2007/dsa-1401",
            },
            {
               name: "DSA-1392",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2007/dsa-1392",
            },
            {
               name: "RHSA-2007:0980",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2007-0980.html",
            },
            {
               name: "27383",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27383",
            },
            {
               name: "SUSE-SA:2007:057",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html",
            },
            {
               name: "27356",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27356",
            },
            {
               name: "RHSA-2007:0981",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2007-0981.html",
            },
            {
               name: "37994",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://osvdb.org/37994",
            },
            {
               name: "ADV-2008-0083",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2008/0083",
            },
            {
               name: "27387",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27387",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://sla.ckers.org/forum/read.php?3%2C13142",
            },
            {
               name: "FEDORA-2007-3431",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html",
            },
            {
               name: "27403",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27403",
            },
            {
               name: "27336",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27336",
            },
            {
               name: "DSA-1396",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2007/dsa-1396",
            },
            {
               name: "27425",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27425",
            },
            {
               name: "20070630 New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities",
               tags: [
                  "mailing-list",
                  "x_refsource_FULLDISC",
               ],
               url: "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.mozilla.org/security/announce/2007/mfsa2007-32.html",
            },
            {
               name: "SSRT061181",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742",
            },
            {
               name: "oval:org.mitre.oval:def:9763",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763",
            },
            {
               name: "27325",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27325",
            },
            {
               name: "MDKSA-2007:202",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202",
            },
            {
               name: "RHSA-2007:0979",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2007-0979.html",
            },
            {
               name: "27335",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27335",
            },
            {
               name: "25904",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/25904",
            },
            {
               name: "FEDORA-2007-2664",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html",
            },
            {
               name: "27480",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27480",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://yathong.googlepages.com/FirefoxFocusBug.html",
            },
            {
               name: "27680",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/27680",
            },
            {
               name: "20070630 Re: New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities",
               tags: [
                  "mailing-list",
                  "x_refsource_FULLDISC",
               ],
               url: "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html",
            },
            {
               name: "201516",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
               ],
               url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1",
            },
            {
               name: "20071029 rPSA-2007-0225-2 firefox thunderbird",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/482932/100/200/threaded",
            },
            {
               name: "USN-536-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/usn-536-1",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2007-3511",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the \"for\" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "24725",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/24725",
                  },
                  {
                     name: "FEDORA-2007-2601",
                     refsource: "FEDORA",
                     url: "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html",
                  },
                  {
                     name: "20071026 rPSA-2007-0225-1 firefox",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/482876/100/200/threaded",
                  },
                  {
                     name: "ADV-2007-3587",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2007/3587",
                  },
                  {
                     name: "27414",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27414",
                  },
                  {
                     name: "20071029 FLEA-2007-0062-1 firefox",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/482925/100/0/threaded",
                  },
                  {
                     name: "https://issues.rpath.com/browse/RPL-1858",
                     refsource: "CONFIRM",
                     url: "https://issues.rpath.com/browse/RPL-1858",
                  },
                  {
                     name: "firefox-focus-security-bypass(35299)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/35299",
                  },
                  {
                     name: "HPSBUX02153",
                     refsource: "HP",
                     url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742",
                  },
                  {
                     name: "27298",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27298",
                  },
                  {
                     name: "1018837",
                     refsource: "SECTRACK",
                     url: "http://securitytracker.com/id?1018837",
                  },
                  {
                     name: "27327",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27327",
                  },
                  {
                     name: "ADV-2007-3544",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2007/3544",
                  },
                  {
                     name: "27276",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27276",
                  },
                  {
                     name: "USN-535-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/535-1/",
                  },
                  {
                     name: "DSA-1401",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2007/dsa-1401",
                  },
                  {
                     name: "DSA-1392",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2007/dsa-1392",
                  },
                  {
                     name: "RHSA-2007:0980",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2007-0980.html",
                  },
                  {
                     name: "27383",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27383",
                  },
                  {
                     name: "SUSE-SA:2007:057",
                     refsource: "SUSE",
                     url: "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html",
                  },
                  {
                     name: "27356",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27356",
                  },
                  {
                     name: "RHSA-2007:0981",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2007-0981.html",
                  },
                  {
                     name: "37994",
                     refsource: "OSVDB",
                     url: "http://osvdb.org/37994",
                  },
                  {
                     name: "ADV-2008-0083",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2008/0083",
                  },
                  {
                     name: "27387",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27387",
                  },
                  {
                     name: "http://sla.ckers.org/forum/read.php?3,13142",
                     refsource: "MISC",
                     url: "http://sla.ckers.org/forum/read.php?3,13142",
                  },
                  {
                     name: "FEDORA-2007-3431",
                     refsource: "FEDORA",
                     url: "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html",
                  },
                  {
                     name: "27403",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27403",
                  },
                  {
                     name: "27336",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27336",
                  },
                  {
                     name: "DSA-1396",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2007/dsa-1396",
                  },
                  {
                     name: "27425",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27425",
                  },
                  {
                     name: "20070630 New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities",
                     refsource: "FULLDISC",
                     url: "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html",
                  },
                  {
                     name: "http://www.mozilla.org/security/announce/2007/mfsa2007-32.html",
                     refsource: "CONFIRM",
                     url: "http://www.mozilla.org/security/announce/2007/mfsa2007-32.html",
                  },
                  {
                     name: "SSRT061181",
                     refsource: "HP",
                     url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742",
                  },
                  {
                     name: "oval:org.mitre.oval:def:9763",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763",
                  },
                  {
                     name: "27325",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27325",
                  },
                  {
                     name: "MDKSA-2007:202",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202",
                  },
                  {
                     name: "RHSA-2007:0979",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2007-0979.html",
                  },
                  {
                     name: "27335",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27335",
                  },
                  {
                     name: "25904",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/25904",
                  },
                  {
                     name: "FEDORA-2007-2664",
                     refsource: "FEDORA",
                     url: "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html",
                  },
                  {
                     name: "27480",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27480",
                  },
                  {
                     name: "http://yathong.googlepages.com/FirefoxFocusBug.html",
                     refsource: "MISC",
                     url: "http://yathong.googlepages.com/FirefoxFocusBug.html",
                  },
                  {
                     name: "27680",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/27680",
                  },
                  {
                     name: "20070630 Re: New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities",
                     refsource: "FULLDISC",
                     url: "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html",
                  },
                  {
                     name: "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html",
                     refsource: "CONFIRM",
                     url: "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html",
                  },
                  {
                     name: "201516",
                     refsource: "SUNALERT",
                     url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1",
                  },
                  {
                     name: "20071029 rPSA-2007-0225-2 firefox thunderbird",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/482932/100/200/threaded",
                  },
                  {
                     name: "USN-536-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/usn-536-1",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2007-3511",
      datePublished: "2007-07-03T10:00:00",
      dateReserved: "2007-07-02T00:00:00",
      dateUpdated: "2024-08-07T14:21:36.262Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2007-3511\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-07-03T10:30:00.000\",\"lastModified\":\"2024-11-21T00:33:25.373\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the \\\"for\\\" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.\"},{\"lang\":\"es\",\"value\":\"El manejo del enfoque para el evento onkeydown en Mozilla Firefox versiones 1.5.0.12, 2.0.0.0.4 y otras versiones anteriores a 2.0.0.8, y SeaMonkey versiones anteriores a 1.1.5, permite a atacantes remotos cambiar el enfoque del campo y copiar las pulsaciones de teclas por medio del atributo \\\"for\\\" en una etiqueta, lo que omite la prevención del enfoque, tal y como es demostrado cambiando el enfoque desde un área de texto hacia un campo de carga de archivos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.0.0.7\",\"matchCriteriaId\":\"5A383873-7B11-41FA-A64D-8526370456F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"824369CF-00A0-434E-94BC-71CA1317012C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6121F9C1-F4DF-4AAB-9E51-AC1592AA5639\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58D44634-A0B5-4F05-8983-B08D392EC742\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB3AC3D3-FDD7-489F-BDCF-BDB55DF33A8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.1.4\",\"matchCriteriaId\":\"BB0F8C75-4934-453B-B502-8D0B6E9873EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09E18FC0-0C8C-4FA1-85B9-B868D00F002F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*\",\"matchCriteriaId\":\"D62F740C-706B-4290-AD92-3ECBC3D30768\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:*:beta:*:*:*:*:*\",\"matchCriteriaId\":\"30B95DB4-EC98-4046-A894-26CA0807456B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*\",\"matchCriteriaId\":\"55344F76-1C42-4DD8-A28B-1C33626C6FD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A97B6E1-EABA-4977-A3FC-64DF0392AA95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6521C877-63C9-4B6E-9FC9-1263FFBB7950\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D949DF0A-CBC2-40E1-AE6C-60E6F58D2481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C5CDA57-1A50-4EDB-80E2-D3EBB44EA653\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22D33486-4956-4E2C-BA16-FA269A9D02BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3104343E-93B6-4D4A-BC95-ED9F7E91FB6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"381313EF-DF84-4F66-9962-DE8F45029D79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0228476-14E4-443C-BBAE-2C9CD8594DC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A803A500-DCE2-44FC-ABEB-A90A1D39D85C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"022274DE-5251-49C9-B6E5-1D8CEDC34E7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1E99882-786F-455F-BAC4-30716120964A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F84CB7-93F7-4912-BC87-497867B96491\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40270FBD-744A-49D9-9FFA-1DCD897210D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20E01097-F60A-4FB2-BA47-84A267EE87D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F65732F-317B-49A2-B9B0-FA1102B8B45C\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/37994\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/25904\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27276\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27298\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27325\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27327\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27335\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27336\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27356\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27383\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27387\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27403\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27414\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27425\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27480\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27680\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1018837\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sla.ckers.org/forum/read.php?3%2C13142\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1392\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1396\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1401\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mozilla.org/security/announce/2007/mfsa2007-32.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2007_57_mozilla.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0979.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0980.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0981.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/482876/100/200/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/482925/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/482932/100/200/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/24725\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/usn-536-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3544\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3587\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0083\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://yathong.googlepages.com/FirefoxFocusBug.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35299\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://issues.rpath.com/browse/RPL-1858\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/535-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/37994\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/25904\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27276\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27298\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27325\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27327\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27335\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27336\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27356\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27383\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27403\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27414\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27425\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27480\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27680\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1018837\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sla.ckers.org/forum/read.php?3%2C13142\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1392\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1396\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mozilla.org/security/announce/2007/mfsa2007-32.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2007_57_mozilla.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0979.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0980.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0981.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/482876/100/200/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/482925/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/482932/100/200/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/24725\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-536-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3544\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3587\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0083\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://yathong.googlepages.com/FirefoxFocusBug.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35299\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.rpath.com/browse/RPL-1858\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/535-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.