CVE-2005-2707

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.

Affected Software

Name	Vendor	Start Version	End Version
Firefox	Mozilla	*	1.0.6 (including)
Firefox	Mozilla	1.0 (including)	1.0 (including)
Firefox	Mozilla	1.0.1 (including)	1.0.1 (including)
Firefox	Mozilla	1.0.2 (including)	1.0.2 (including)
Firefox	Mozilla	1.0.3 (including)	1.0.3 (including)
Firefox	Mozilla	1.0.4 (including)	1.0.4 (including)
Firefox	Mozilla	1.0.5 (including)	1.0.5 (including)
Mozilla_suite	Mozilla	*	1.7.11 (including)
Mozilla_suite	Mozilla	1.7.6 (including)	1.7.6 (including)
Mozilla_suite	Mozilla	1.7.7 (including)	1.7.7 (including)
Mozilla_suite	Mozilla	1.7.8 (including)	1.7.8 (including)
Mozilla_suite	Mozilla	1.7.10 (including)	1.7.10 (including)
Red Hat Enterprise Linux 4	RedHat	firefox-0:1.0.7-1.4.1	*
Red Hat Enterprise Linux 4	RedHat	devhelp-0:0.9.2-2.4.7	*
Red Hat Enterprise Linux 4	RedHat	thunderbird-0:1.0.7-1.4.1	*
Firefox	Ubuntu	dapper	*
Firefox	Ubuntu	devel	*
Firefox	Ubuntu	edgy	*
Firefox	Ubuntu	feisty	*
Mozilla	Ubuntu	dapper	*
Mozilla	Ubuntu	edgy	*
Mozilla-thunderbird	Ubuntu	dapper	*
Mozilla-thunderbird	Ubuntu	edgy	*
Mozilla-thunderbird	Ubuntu	feisty	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2707
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References