CVE-2007-3844
published 2007-08-08CVE-2007-3844: Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks…
PriorityP420medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
5.45%
91.7th percentile
Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an about:blank document loaded by chrome via (a) the window.open function or (b) a content.location assignment, aka "Cross Context Scripting." NOTE: this issue is caused by a CVE-2007-3089 regression.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | firefox | — | — |
| mozilla | seamonkey | — | — |
| mozilla | thunderbird | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_redhat4.3MEDIUM
vendor_ubuntu4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6p6h-7mm4-6mhv: Mozilla Firefox 2
ghsa_unreviewed·2022-05-01·CVSS 4.3
CVE-2007-3844 [MEDIUM] GHSA-6p6h-7mm4-6mhv: Mozilla Firefox 2
Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an about:blank document loaded by chrome via (a) the window.open function or (b) a content.location assignment, aka "Cross Context Scripting." NOTE: this issue is caused by a CVE-2007-3089 regression.
Ubuntu
Thunderbird vulnerabilities
vendor_ubuntu·2007-08-25·CVSS 4.3
CVE-2007-3845 [MEDIUM] Thunderbird vulnerabilities
Title: Thunderbird vulnerabilities
Summary: Thunderbird vulnerabilities
Various flaws were discovered in the layout and JavaScript engines. By
tricking a user into opening a malicious email, an attacker could execute
arbitrary code with the user's privileges. Please note that JavaScript
is disabled by default for emails, and it is not recommended to enable it.
(CVE-2007-3734, CVE-2007-3735, CVE-2007-3844)
Jesper Johansson discovered that spaces and double-quotes were
not correctly handled when launching external programs. In rare
configurations, after tricking a user into opening a malicious email,
an attacker could execute helpers with arbitrary arguments with the
user's privileges. (CVE-2007-3670, CVE-2007-3845)
Instructions: After a standard system upgrade you need to restart Thunde
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2007-08-01·CVSS 4.3
CVE-2007-3844 [MEDIUM] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Firefox vulnerabilities
A flaw was discovered in handling of "about:blank" windows used by
addons. A malicious web site could exploit this to modify the contents,
or steal confidential data (such as passwords), of other web pages.
(CVE-2007-3844)
Jesper Johansson discovered that spaces and double-quotes were
not correctly handled when launching external programs. In rare
configurations, after tricking a user into opening a malicious web page,
an attacker could execute helpers with arbitrary arguments with the
user's privileges. (CVE-2007-3845)
Instructions: After a standard system upgrade you need to restart Firefox to effect
the necessary changes.
Red Hat
about: blank windows
vendor_redhat·2007-07-31·CVSS 4.3
CVE-2007-3844 [MEDIUM] about: blank windows
about: blank windows
Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an about:blank document loaded by chrome via (a) the window.open function or (b) a content.location assignment, aka "Cross Context Scripting." NOTE: this issue is caused by a CVE-2007-3089 regression.
Statement: Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=250648
The Red Hat Product Security has rated this issue as having moderate security impact, a future update may address this flaw.
No detection rules found.
Bugzilla
Mozilla products security update (CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340)
bugzilla·2007-10-16·CVSS 6.8
CVE-2007-1095 [MEDIUM] Mozilla products security update (CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340)
Mozilla products security update (CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340)
Here is a rough breakdown of the flaws grouped by type. The official
definition of these issues can be found on the upstream security page here:
http://www.mozilla.org/projects/security/known-vulnerabilities.html
Leveraging browser flaws, fooling users into possibly surrendering sensitive
information (Moderate):
CVE-2007-1095, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334
Malformed web content could result in the execution of arbitrary commands
(Critical):
CVE-2007-5336, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340
Digest Authentication requests can be used to conduct a response splitting
attack (Moderate):
CVE-2007-2292
Bugzilla
CVE-2007-3844 Privilege escalation through chrome-loaded about:blank windows
bugzilla·2007-08-02·CVSS 4.3
CVE-2007-3844 [MEDIUM] CVE-2007-3844 Privilege escalation through chrome-loaded about:blank windows
CVE-2007-3844 Privilege escalation through chrome-loaded about:blank windows
MFSA2007-26 describes a flaw in the way Firefox loads certain about:blank
windows. This flaw could allow certain Firefox extensions to be leveraged to
execute arbitrary code as the user running Firefox.
http://www.mozilla.org/security/announce/2007/mfsa2007-26.html
Discussion:
This issue was addressed in all versions of Red Hat Enterprise Linux for
firefox, seamonkey and thunderbird in following erratas:
https://rhn.redhat.com/errata/RHSA-2007-0979.html
https://rhn.redhat.com/errata/RHSA-2007-0980.html
https://rhn.redhat.com/errata/RHSA-2007-0981.html
Updates for Fedora are also available now.
http://bugzilla.mozilla.org/show_bug.cgi?id=388121http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579http://secunia.com/advisories/26234http://secunia.com/advisories/26258http://secunia.com/advisories/26288http://secunia.com/advisories/26303http://secunia.com/advisories/26309http://secunia.com/advisories/26331http://secunia.com/advisories/26335http://secunia.com/advisories/26393http://secunia.com/advisories/26460http://secunia.com/advisories/26572http://secunia.com/advisories/27276http://secunia.com/advisories/27298http://secunia.com/advisories/27325http://secunia.com/advisories/27326http://secunia.com/advisories/27327http://secunia.com/advisories/27356http://secunia.com/advisories/27414http://secunia.com/advisories/27680http://secunia.com/advisories/28135http://secunia.com/advisories/28363http://securitytracker.com/id?1018479http://securitytracker.com/id?1018480http://securitytracker.com/id?1018481http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.010101http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.htmlhttp://www.debian.org/security/2007/dsa-1344http://www.debian.org/security/2007/dsa-1345http://www.debian.org/security/2007/dsa-1346http://www.debian.org/security/2007/dsa-1391http://www.gentoo.org/security/en/glsa/glsa-200708-09.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:152http://www.mandriva.com/security/advisories?name=MDVSA-2007:047http://www.mandriva.com/security/advisories?name=MDVSA-2008:047http://www.mozilla.org/security/announce/2007/mfsa2007-26.htmlhttp://www.novell.com/linux/security/advisories/2007_57_mozilla.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0979.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0980.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0981.htmlhttp://www.securityfocus.com/archive/1/475265/100/200/threadedhttp://www.securityfocus.com/archive/1/475450/30/5550/threadedhttp://www.securityfocus.com/bid/25142http://www.ubuntu.com/usn/usn-493-1http://www.ubuntu.com/usn/usn-503-1http://www.vupen.com/english/advisories/2007/3587http://www.vupen.com/english/advisories/2007/4256http://www.vupen.com/english/advisories/2008/0082https://issues.rpath.com/browse/RPL-1600https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9493https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.htmlhttps://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.htmlhttp://bugzilla.mozilla.org/show_bug.cgi?id=388121http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579http://secunia.com/advisories/26234http://secunia.com/advisories/26258http://secunia.com/advisories/26288http://secunia.com/advisories/26303http://secunia.com/advisories/26309http://secunia.com/advisories/26331http://secunia.com/advisories/26335http://secunia.com/advisories/26393http://secunia.com/advisories/26460http://secunia.com/advisories/26572http://secunia.com/advisories/27276http://secunia.com/advisories/27298http://secunia.com/advisories/27325http://secunia.com/advisories/27326http://secunia.com/advisories/27327http://secunia.com/advisories/27356http://secunia.com/advisories/27414http://secunia.com/advisories/27680http://secunia.com/advisories/28135http://secunia.com/advisories/28363http://securitytracker.com/id?1018479http://securitytracker.com/id?1018480http://securitytracker.com/id?1018481http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.010101http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.htmlhttp://www.debian.org/security/2007/dsa-1344http://www.debian.org/security/2007/dsa-1345http://www.debian.org/security/2007/dsa-1346http://www.debian.org/security/2007/dsa-1391http://www.gentoo.org/security/en/glsa/glsa-200708-09.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:152http://www.mandriva.com/security/advisories?name=MDVSA-2007:047http://www.mandriva.com/security/advisories?name=MDVSA-2008:047http://www.mozilla.org/security/announce/2007/mfsa2007-26.htmlhttp://www.novell.com/linux/security/advisories/2007_57_mozilla.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0979.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0980.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0981.htmlhttp://www.securityfocus.com/archive/1/475265/100/200/threadedhttp://www.securityfocus.com/archive/1/475450/30/5550/threaded
+ 10 more references
2007-08-08
Published