Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2007-0981 — Mozilla Firefox vulnerability
Severity
7.5HIGHNVD
EPSS
16.4%
top 5.11%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedFeb 16
Latest updateMay 3
Description
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.
CVSS vector
AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4
Affected Packages2 packages
🔴Vulnerability Details
1💥Exploits & PoCs
1📋Vendor Advisories
3💬Community
7Bugzilla▶
CVE-2007-0775 Multiple Thunderbird flaws (CVE-2007-0777, CVE-2007-0995, CVE-2007-0996, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-0009, CVE-2007↗2007-03-01
Bugzilla▶
CVE-2007-0775 Multiple Thunderbird flaws (CVE-2007-0777, CVE-2007-0995, CVE-2007-0996, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-0009, CVE-2007↗2007-03-01
Bugzilla▶
CVE-2007-0775 Multiple Firefox flaws (CVE-2007-0777, CVE-2007-0994, CVE-2007-0995, CVE-2007-0996, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-000↗2007-02-26
Bugzilla▶
CVE-2007-0775 Multiple Seamonkey flaws (CVE-2007-0777, CVE-2007-0995, CVE-2007-0996, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-0009, CVE-2007-0↗2007-02-23