CVE-2007-5334 Information
Description
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window’s titlebar when displaying XUL markup language documents which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute.
Reference
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://secunia.com/advisories/27276 http://secunia.com/advisories/27298 http://secunia.com/advisories/27311 http://secunia.com/advisories/27315 http://secunia.com/advisories/27325 http://secunia.com/advisories/27327 http://secunia.com/advisories/27335 http://secunia.com/advisories/27336 http://secunia.com/advisories/27356 http://secunia.com/advisories/27360 http://secunia.com/advisories/27383 http://secunia.com/advisories/27387 http://secunia.com/advisories/27403 http://secunia.com/advisories/27414 http://secunia.com/advisories/27425 http://secunia.com/advisories/27480 http://secunia.com/advisories/27665 http://secunia.com/advisories/27680 http://secunia.com/advisories/28398 http://securitytracker.com/id?1018837 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1 http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html http://www.debian.org/security/2007/dsa-1392 http://www.debian.org/security/2007/dsa-1396 http://www.debian.org/security/2007/dsa-1401 http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml http://www.kb.cert.org/vuls/id/349217 http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202 http://www.mozilla.org/security/announce/2007/mfsa2007-33.html http://www.novell.com/linux/security/advisories/2007_57_mozilla.html http://www.redhat.com/support/errata/RHSA-2007-0979.html http://www.redhat.com/support/errata/RHSA-2007-0980.html http://www.redhat.com/support/errata/RHSA-2007-0981.html http://www.securityfocus.com/archive/1/482876/100/200/threaded http://www.securityfocus.com/archive/1/482925/100/0/threaded http://www.securityfocus.com/archive/1/482932/100/200/threaded http://www.securityfocus.com/bid/26132 http://www.ubuntu.com/usn/usn-536-1 http://www.vupen.com/english/advisories/2007/3544 http://www.vupen.com/english/advisories/2007/3587 http://www.vupen.com/english/advisories/2008/0083 https://bugzilla.mozilla.org/show_bug.cgi?id=391043 https://exchange.xforce.ibmcloud.com/vulnerabilities/37286 https://issues.rpath.com/browse/RPL-1858 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11482 https://usn.ubuntu.com/535-1/ https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html
Share on: