Showing 1 - 7 of 7

CVE-2007-5337

Status Candidate

Overview

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.

Related Files

Gentoo Linux Security Advisory 200711-14: Posted Nov 13, 2007; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200711-14 - Multiple vulnerabilities have been reported in Mozilla Firefox and SeaMonkey. Various errors in the browser engine and the Javascript engine can be exploited to cause a memory corruption. Before being used in a request, input passed to the user ID when making an HTTP request with digest authentication is not properly sanitized. The titlebar can be hidden by a XUL markup language document. Additionally, an error exists in the handling of smb: and sftp: URI schemes on systems with gnome-vfs support. An unspecified error in the handling of XPCNativeWrappers and not properly implementing JavaScript onUnload() handlers may allow the execution of arbitrary Javascript code. Another error is triggered by using the addMicrosummaryGenerator sidebar method to access file: URIs. Versions less than 2.0.0.9 are affected.; tags | advisory, web, arbitrary, javascript, vulnerability; systems | linux, gentoo; advisories | CVE-2007-1095, CVE-2007-2292, CVE-2007-5334, CVE-2007-5335, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340; SHA-256 | 9406d653f481b768d289697671963843abc5749121b2f6c0fbe1ff5ea8d7b3e1; Download | Favorite | View

Debian Linux Security Advisory 1401-1: Posted Nov 6, 2007; Authored by Debian | Site debian.org; Debian Security Advisory 1401-1 - Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.; tags | advisory, remote, vulnerability; systems | linux, debian; advisories | CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340; SHA-256 | 9bc7902a3a9d13707c50680a45511ae88d83140ad502a37acbb6b1f0fad70d4a; Download | Favorite | View

Debian Linux Security Advisory 1396-1: Posted Oct 29, 2007; Authored by Debian | Site debian.org; Debian Security Advisory 1396-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.; tags | advisory, remote, web, vulnerability; systems | linux, debian; advisories | CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340; SHA-256 | 8fe44bb7245d98b16367831bc25a2cdbd53ab91d169bf07f76151139fb5dac32; Download | Favorite | View

Ubuntu Security Notice 536-1: Posted Oct 24, 2007; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 536-1 - A massive slew of vulnerabilities that relate to mozilla-thunderbird have been patched. It would be wise to upgrade now.; tags | advisory, vulnerability; systems | linux, ubuntu; advisories | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340; SHA-256 | 5d868ca3cbf8195030fcde8ba5b7c3d30109913f90eb6ea9b8d3da2f0f586fd5; Download | Favorite | View

Mandriva Linux Security Advisory 2007.202: Posted Oct 23, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.8.; tags | advisory, vulnerability; systems | linux, mandriva; advisories | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-4841, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340; SHA-256 | 2135e6c07c0d7978822688d56feada1ec50ecedb20b2a667e7732def2eeac94d; Download | Favorite | View

Ubuntu Security Notice 535-1: Posted Oct 23, 2007; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 535-1 - A large amount of flaws related to Firefox have been fixed under Ubuntu. These include forced upload and javascript insertion vulnerabilities.; tags | advisory, javascript, vulnerability; systems | linux, ubuntu; advisories | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5335, CVE-2007-5336, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340; SHA-256 | e937e8ad5d0b409d665ed543ec76877c5a6c7850fb23798031b11ce6ee1da4ed; Download | Favorite | View

Debian Linux Security Advisory 1392-1: Posted Oct 23, 2007; Authored by Debian | Site debian.org; Debian Security Advisory 1392-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.; tags | advisory, remote, vulnerability; systems | linux, debian; advisories | CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340; SHA-256 | 07283a47e9583c7edb535f3b607f378ec46027553dd159a84808cd043699ff16; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2007-5337

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems