Mozilla Firefox Javascript URI Remote Code Execution Vulnerability
Gravedad: Medio
Identificadores de CVE : CVE-2007-0994
Fecha recomendada: 20 de octubre de 2015
Descripción
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.
Revelación de la información
- 1001049 - Mozilla Firefox Javascript URI Remote Code Execution Vulnerability
Soluciones
Trend Micro Deep Security DPI Rule Number: 1001049
Trend Micro Deep Security DPI Rule Name: 1001049 - Mozilla Firefox Javascript URI Remote Code Execution Vulnerability
Software y versión afectados
- Mozilla Firefox
- Red Hat thunderbird 4