CVE Vulnerabilities

CVE-2007-3736

Published: Jul 18, 2007 | Modified: Oct 15, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script into another sites context via a timing issue involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla 2.0.0.2 2.0.0.2
Firefox Mozilla 2.0 2.0
Firefox Mozilla 2.0.0.3 2.0.0.3
Firefox Mozilla 2.0.0.4 2.0.0.4
Firefox Mozilla 2.0.0.1 2.0.0.1

References