CVE Vulnerabilities

CVE-2007-2870

Published: Jun 01, 2007 | Modified: Oct 16, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to bypass the same-origin policy and conduct cross-site scripting (XSS) and other attacks by using the addEventListener method to add an event listener for a site, which is executed in the context of that site.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla 1.5 (including) 1.5 (including)
Firefox Mozilla 1.5.0.1 (including) 1.5.0.1 (including)
Firefox Mozilla 1.5.0.2 (including) 1.5.0.2 (including)
Firefox Mozilla 1.5.0.3 (including) 1.5.0.3 (including)
Firefox Mozilla 1.5.0.4 (including) 1.5.0.4 (including)
Firefox Mozilla 1.5.0.5 (including) 1.5.0.5 (including)
Firefox Mozilla 1.5.0.6 (including) 1.5.0.6 (including)
Firefox Mozilla 1.5.0.7 (including) 1.5.0.7 (including)
Firefox Mozilla 1.5.0.8 (including) 1.5.0.8 (including)
Firefox Mozilla 1.5.0.9 (including) 1.5.0.9 (including)
Firefox Mozilla 1.5.0.10 (including) 1.5.0.10 (including)
Firefox Mozilla 1.5.0.11 (including) 1.5.0.11 (including)
Firefox Mozilla 2.0 (including) 2.0 (including)
Firefox Mozilla 2.0.0.1 (including) 2.0.0.1 (including)
Firefox Mozilla 2.0.0.2 (including) 2.0.0.2 (including)
Firefox Mozilla 2.0.0.3 (including) 2.0.0.3 (including)
Seamonkey Mozilla 1.0.9 (including) 1.0.9 (including)
Seamonkey Mozilla 1.1.2 (including) 1.1.2 (including)
Red Hat Enterprise Linux 2.1 RedHat seamonkey-0:1.0.9-0.1.el2 *
Red Hat Enterprise Linux 3 RedHat seamonkey-0:1.0.9-0.1.el3 *
Red Hat Enterprise Linux 4 RedHat firefox-0:1.5.0.12-0.1.el4 *
Red Hat Enterprise Linux 4 RedHat devhelp-0:0.10-0.8.el4 *
Red Hat Enterprise Linux 4 RedHat seamonkey-0:1.0.9-2.el4 *
Red Hat Enterprise Linux 5 RedHat devhelp-0:0.12-11.el5 *
Red Hat Enterprise Linux 5 RedHat firefox-0:1.5.0.12-1.el5 *
Red Hat Enterprise Linux 5 RedHat yelp-0:2.16.0-15.el5 *
Firefox Ubuntu dapper *
Firefox Ubuntu edgy *
Firefox Ubuntu feisty *
Iceape Ubuntu devel *
Lightning-sunbird Ubuntu devel *
Midbrowser Ubuntu devel *

References