Mozilla Firefox Javascript URI Remote Code Execution Vulnerability
Gravità: : Medio
Identificatori CVE: CVE-2007-0994
Data notifica: 20 ottobre 2015
Descrizione
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.
Informazioni esposizione:
- 1001049 - Mozilla Firefox Javascript URI Remote Code Execution Vulnerability
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1001049
Trend Micro Deep Security DPI Rule Name: 1001049 - Mozilla Firefox Javascript URI Remote Code Execution Vulnerability
Software e versione interessati:
- Mozilla Firefox
- Red Hat thunderbird 4