危険度:
  CVE識別番号: CVE-2007-0994
  情報公開日: 10 20, 2015

  概要

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.

  トレンドマイクロの対策

  • 1001049 - Mozilla Firefox Javascript URI Remote Code Execution Vulnerability

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1001049
  Trend Micro Deep Security DPI Rule Name: 1001049 - Mozilla Firefox Javascript URI Remote Code Execution Vulnerability

  影響を受けるソフトウェア

  • Mozilla Firefox
  • Red Hat thunderbird 4