VDB
CVE-2007-0996
CVE-2007-0996
PUBLISHED
Reported by redhat · Published February 27, 2007
The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, *, n/a |
Timeline
- Feb 27, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
- Nov 23, 2023 EPSS Score
References
- RHSA-2007:0078 vendor-advisoryx_refsource_REDHAT
- 24395 third-party-advisoryx_refsource_SECUNIA
- oval:org.mitre.oval:def:10086 vdb-entrysignaturex_refsource_OVAL
- 20070226 rPSA-2007-0040-1 firefox mailing-listx_refsource_BUGTRAQ
- 24328 third-party-advisoryx_refsource_SECUNIA
- RHSA-2007:0108 vendor-advisoryx_refsource_REDHAT
- SSA:2007-066-03 vendor-advisoryx_refsource_SLACKWARE
- 24384 third-party-advisoryx_refsource_SECUNIA
- 24457 third-party-advisoryx_refsource_SECUNIA
- 24343 third-party-advisoryx_refsource_SECUNIA
- DSA-1336 vendor-advisoryx_refsource_DEBIAN
- HPSBUX02153 vendor-advisoryx_refsource_HP
- x_refsource_CONFIRM
- ADV-2007-0718 vdb-entryx_refsource_VUPEN
- 24650 third-party-advisoryx_refsource_SECUNIA
- USN-428-1 vendor-advisoryx_refsource_UBUNTU
- 24320 third-party-advisoryx_refsource_SECUNIA
- 25588 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- SUSE-SA:2007:019 vendor-advisoryx_refsource_SUSE
…and 21 more