CVE-2007-0996 - The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0

CVE-2007-0996

Summary

The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.

References

Vulnerable Configurations

cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*

CVSS

Base:	5.8 (as of 16-10-2018 - 16:36)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:N

oval via4

accepted

2013-04-29T04:01:25.271-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 3
oval oval:org.mitre.oval:def:11782
comment CentOS Linux 3.x
oval oval:org.mitre.oval:def:16651
comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:10086

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

redhat via4

advisories

bugzilla

id	1618288
title	CVE-2007-0996 security flaw

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

AND
comment devhelp is earlier than 0:0.12-10.0.1.el5
oval oval:com.redhat.rhsa:tst:20070097001
comment devhelp is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070097002

AND

comment devhelp-devel is earlier than 0:0.12-10.0.1.el5
oval oval:com.redhat.rhsa:tst:20070097003
comment devhelp-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070097004

AND
comment yelp is earlier than 0:2.16.0-14.0.1.el5
oval oval:com.redhat.rhsa:tst:20070097005
comment yelp is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070097006
AND
comment firefox is earlier than 0:1.5.0.10-2.el5
oval oval:com.redhat.rhsa:tst:20070097007
comment firefox is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070097008

rhsa

id	RHSA-2007:0097
released	2007-03-14
severity	Critical
title	RHSA-2007:0097: firefox security update (Critical)

rhsa
id RHSA-2007:0077
rhsa
id RHSA-2007:0078
rhsa
id RHSA-2007:0079
rhsa
id RHSA-2007:0108

rpms

devhelp-0:0.10-0.7.el4
devhelp-debuginfo-0:0.10-0.7.el4
devhelp-devel-0:0.10-0.7.el4
seamonkey-0:1.0.8-0.2.el2
seamonkey-0:1.0.8-0.2.el3
seamonkey-0:1.0.8-0.2.el4
seamonkey-chat-0:1.0.8-0.2.el2
seamonkey-chat-0:1.0.8-0.2.el3
seamonkey-chat-0:1.0.8-0.2.el4
seamonkey-debuginfo-0:1.0.8-0.2.el3
seamonkey-debuginfo-0:1.0.8-0.2.el4
seamonkey-devel-0:1.0.8-0.2.el2
seamonkey-devel-0:1.0.8-0.2.el3
seamonkey-devel-0:1.0.8-0.2.el4
seamonkey-dom-inspector-0:1.0.8-0.2.el2
seamonkey-dom-inspector-0:1.0.8-0.2.el3
seamonkey-dom-inspector-0:1.0.8-0.2.el4
seamonkey-js-debugger-0:1.0.8-0.2.el2
seamonkey-js-debugger-0:1.0.8-0.2.el3
seamonkey-js-debugger-0:1.0.8-0.2.el4
seamonkey-mail-0:1.0.8-0.2.el2
seamonkey-mail-0:1.0.8-0.2.el3
seamonkey-mail-0:1.0.8-0.2.el4
seamonkey-nspr-0:1.0.8-0.2.el2
seamonkey-nspr-0:1.0.8-0.2.el3
seamonkey-nspr-devel-0:1.0.8-0.2.el2
seamonkey-nspr-devel-0:1.0.8-0.2.el3
seamonkey-nss-0:1.0.8-0.2.el2
seamonkey-nss-0:1.0.8-0.2.el3
seamonkey-nss-devel-0:1.0.8-0.2.el2
seamonkey-nss-devel-0:1.0.8-0.2.el3
thunderbird-0:1.5.0.10-0.1.el4
thunderbird-debuginfo-0:1.5.0.10-0.1.el4
firefox-0:1.5.0.10-0.1.el4
firefox-debuginfo-0:1.5.0.10-0.1.el4
devhelp-0:0.12-10.0.1.el5
devhelp-debuginfo-0:0.12-10.0.1.el5
devhelp-devel-0:0.12-10.0.1.el5
firefox-0:1.5.0.10-2.el5
firefox-debuginfo-0:1.5.0.10-2.el5
yelp-0:2.16.0-14.0.1.el5
yelp-debuginfo-0:2.16.0-14.0.1.el5
thunderbird-0:1.5.0.10-1.el5
thunderbird-debuginfo-0:1.5.0.10-1.el5

refmap via4

bid	22694
bugtraq	20070223 Advisory 03/2007: Multiple Browsers Cross Domain Charset Inheritance Vulnerability 20070226 rPSA-2007-0040-1 firefox
confirm	http://www.mozilla.org/security/announce/2007/mfsa2007-02.html https://issues.rpath.com/browse/RPL-1103
debian	DSA-1336
fedora	FEDORA-2007-281 FEDORA-2007-293
hp	HPSBUX02153 SSRT061181
mandriva	MDKSA-2007:050
misc	http://www.hardened-php.net/advisory_032007.142.html
osvdb	33812
sectrack	1017702
secunia	24205 24287 24290 24320 24328 24333 24342 24343 24384 24395 24455 24457 24650 25588
sgi	20070202-01-P 20070301-01-P
slackware	SSA:2007-066-03 SSA:2007-066-05
suse	SUSE-SA:2007:019 SUSE-SA:2007:022
ubuntu	USN-428-1
vupen	ADV-2007-0718

Last major update

16-10-2018 - 16:36

Published

27-02-2007 - 02:28

Last modified

16-10-2018 - 16:36