ByteOS Network

NVD Vulnerability Details :

CVE-2007-0981

Modified

Source-cve@mitre.org

Published At-16 Feb, 2007 | 01:28

Updated At-16 Oct, 2018 | 16:35

Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 7.5

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:P

Hyperlink	Source	Resource
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc	cve@mitre.org	N/A
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc	cve@mitre.org	N/A
http://fedoranews.org/cms/node/2713	cve@mitre.org	N/A
http://fedoranews.org/cms/node/2728	cve@mitre.org	N/A
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742	cve@mitre.org	N/A
http://lcamtuf.dione.cc/ffhostname.html	cve@mitre.org	Exploit
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html	cve@mitre.org	N/A
http://rhn.redhat.com/errata/RHSA-2007-0077.html	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24175	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24205	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24238	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24287	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24290	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24293	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24320	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24328	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24333	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24342	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24343	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24384	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24393	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24395	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24437	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24455	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24457	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/24650	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/25588	cve@mitre.org	N/A
http://security.gentoo.org/glsa/glsa-200703-04.xml	cve@mitre.org	N/A
http://securityreason.com/securityalert/2262	cve@mitre.org	N/A
http://securitytracker.com/id?1017654	cve@mitre.org	N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131	cve@mitre.org	N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851	cve@mitre.org	N/A
http://www.debian.org/security/2007/dsa-1336	cve@mitre.org	N/A
http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml	cve@mitre.org	N/A
http://www.kb.cert.org/vuls/id/885753	cve@mitre.org	US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2007:050	cve@mitre.org	N/A
http://www.mozilla.org/security/announce/2007/mfsa2007-07.html	cve@mitre.org	N/A
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html	cve@mitre.org	N/A
http://www.osvdb.org/32104	cve@mitre.org	N/A
http://www.redhat.com/support/errata/RHSA-2007-0078.html	cve@mitre.org	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0079.html	cve@mitre.org	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0097.html	cve@mitre.org	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0108.html	cve@mitre.org	Vendor Advisory
http://www.securityfocus.com/archive/1/460126/100/200/threaded	cve@mitre.org	N/A
http://www.securityfocus.com/archive/1/460217/100/0/threaded	cve@mitre.org	N/A
http://www.securityfocus.com/archive/1/461336/100/0/threaded	cve@mitre.org	N/A
http://www.securityfocus.com/archive/1/461809/100/0/threaded	cve@mitre.org	N/A
http://www.securityfocus.com/bid/22566	cve@mitre.org	N/A
http://www.ubuntu.com/usn/usn-428-1	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2007/0624	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2007/0718	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2008/0083	cve@mitre.org	N/A
https://bugzilla.mozilla.org/show_bug.cgi?id=370445	cve@mitre.org	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/32533	cve@mitre.org	N/A
https://issues.rpath.com/browse/RPL-1081	cve@mitre.org	N/A
https://issues.rpath.com/browse/RPL-1103	cve@mitre.org	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9730	cve@mitre.org	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History