Mozilla Firefox Javascript URI Remote Code Execution Vulnerability
Schweregrad:: Mittel
CVE Kennungen:: CVE-2007-0994
Hinweisdatum: 20 Oktober 2015
Beschreibung
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.
Trend Micro Lösungen
- 1001049 - Mozilla Firefox Javascript URI Remote Code Execution Vulnerability
Lösungen
Trend Micro Deep Security DPI Rule Number: 1001049
Trend Micro Deep Security DPI Rule Name: 1001049 - Mozilla Firefox Javascript URI Remote Code Execution Vulnerability
Betroffene Software und Version:
- Mozilla Firefox
- Red Hat thunderbird 4