Mozilla Firefox和SeaMonkey 跨站脚本漏洞

漏洞信息详情

Mozilla Firefox和SeaMonkey 跨站脚本漏洞

• CNNVD编号：CNNVD-200702-485
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2007-0780
  
• 漏洞类型：
  
  
  跨站脚本
  
• 发布时间：
  
  2007-02-26
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2019-10-17
  
• 厂        商：
  
  mozilla
• 漏洞来源：
  Jesse Ruderman※ jr…

Mozilla Firefox/SeaMonkey/Thunderbird都是Mozilla发布的WEB浏览器和邮件新闻组客户端产品。

Mozilla Firefox 1.5.0.10之前的1.5.x版本、2.0.0.2之前的2.x版本，SeaMonkey 1.0.8之前版本中存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

http://www.mozilla.com/products/download.html?product=firefox-1.5.0.10&os=win&lang=en-US

http://www.mozilla.com/products/download.html?product=firefox-2.0.0.2&os=linux&lang=en-US

http://www.mozilla.com/products/download.html?product=thunderbird-1.5.0.10&os=linux&lang=en-US

来源:SECUNIA

链接:http://secunia.com/advisories/24437

来源:SECUNIA

链接:http://secunia.com/advisories/24238

来源:SLACKWARE

链接:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131

来源:SECUNIA

链接:http://secunia.com/advisories/24455

来源:SECUNIA

链接:http://secunia.com/advisories/24333

来源:SECUNIA

链接:http://secunia.com/advisories/24457

来源:MANDRIVA

链接:http://www.mandriva.com/security/advisories?name=MDKSA-2007:050

来源:BID

链接:https://www.securityfocus.com/bid/22694

来源:XF

链接:https://exchange.xforce.ibmcloud.com/vulnerabilities/32667

来源:CONFIRM

链接:https://issues.rpath.com/browse/RPL-1103

来源:FEDORA

链接:http://fedoranews.org/cms/node/2713

来源:REDHAT

链接:http://www.redhat.com/support/errata/RHSA-2007-0108.html

来源:SUSE

链接:http://www.novell.com/linux/security/advisories/2007_22_mozilla.html

来源:REDHAT

链接:http://www.redhat.com/support/errata/RHSA-2007-0078.html

来源:SLACKWARE

链接:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851

来源:SECUNIA

链接:http://secunia.com/advisories/24384

来源:REDHAT

链接:http://www.redhat.com/support/errata/RHSA-2007-0097.html

来源:SECUNIA

链接:http://secunia.com/advisories/24343

来源:SECUNIA

链接:http://secunia.com/advisories/24287

来源:SECUNIA

链接:http://secunia.com/advisories/24320

来源:SECUNIA

链接:http://secunia.com/advisories/24342

来源:MISC

链接:https://bugzilla.mozilla.org/show_bug.cgi?id=354973

来源:BUGTRAQ

链接:http://www.securityfocus.com/archive/1/461809/100/0/threaded

来源:CONFIRM

链接:http://www.mozilla.org/security/announce/2007/mfsa2007-05.html

来源:OVAL

链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884

来源:SECUNIA

链接:http://secunia.com/advisories/24205

来源:SECUNIA

链接:http://secunia.com/advisories/24328

来源:HP

链接:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

来源:UBUNTU

链接:http://www.ubuntu.com/usn/usn-428-1

来源:BUGTRAQ

链接:http://www.securityfocus.com/archive/1/461336/100/0/threaded

来源:SECTRACK

链接:http://www.securitytracker.com/id?1017702

来源:SECUNIA

链接:http://secunia.com/advisories/24290

来源:CONFIRM

链接:https://issues.rpath.com/browse/RPL-1081

来源:REDHAT

链接:http://rhn.redhat.com/errata/RHSA-2007-0077.html

来源:SECUNIA

链接:http://secunia.com/advisories/24395

来源:SECUNIA

链接:http://secunia.com/advisories/24650

来源:GENTOO

链接:http://security.gentoo.org/glsa/glsa-200703-04.xml

来源:GENTOO

链接:http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml

来源:REDHAT

链接:http://www.redhat.com/support/errata/RHSA-2007-0079.html

来源:SECUNIA

链接:http://secunia.com/advisories/24293

来源:OSVDB

链接:http://www.osvdb.org/32107

来源:SUSE

链接:http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html

来源:FEDORA

链接:http://fedoranews.org/cms/node/2728

来源:SECUNIA

链接:http://secunia.com/advisories/24393

来源:VUPEN

链接:http://www.vupen.com/english/advisories/2007/0718