Home > Vulnerability Database > CVE-2007-5334

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2007-5334

Date: October 21, 2007

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute.

Severity Score

3.7

Related Resources (54)

Url: http://secunia.com/advisories/27480

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/37286

Url: http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202

Url: http://secunia.com/advisories/27680

Url: http://secunia.com/advisories/27360

Url: http://www.debian.org/security/2007/dsa-1401

Url: http://www.securityfocus.com/archive/1/482932/100/200/threaded

Url: http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-5334

Url: http://secunia.com/advisories/27356

Url: http://secunia.com/advisories/27311

Url: http://www.novell.com/linux/security/advisories/2007_57_mozilla.html

Url: http://secunia.com/advisories/27276

Url: http://secunia.com/advisories/27315

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1

Url: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

Url: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html

Url: https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html

Url: http://www.securityfocus.com/archive/1/482925/100/0/threaded

Url: http://secunia.com/advisories/27327

Url: http://secunia.com/advisories/27403

Url: http://secunia.com/advisories/27325

Url: http://securitytracker.com/id?1018837

Url: https://usn.ubuntu.com/535-1/

Url: http://www.kb.cert.org/vuls/id/349217

Url: http://secunia.com/advisories/27383

Url: https://access.redhat.com/security/cve/CVE-2007-5334

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2007-5334

Url: http://www.vupen.com/english/advisories/2007/3544

Url: http://www.vupen.com/english/advisories/2007/3587

Url: http://www.vupen.com/english/advisories/2008/0083

Url: https://issues.rpath.com/browse/RPL-1858

Url: http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml

Url: http://www.redhat.com/support/errata/RHSA-2007-0981.html

Url: http://secunia.com/advisories/27298

Url: http://www.securityfocus.com/bid/26132

Url: http://secunia.com/advisories/27414

Url: http://secunia.com/advisories/27336

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=391043

Url: http://www.redhat.com/support/errata/RHSA-2007-0979.html

Url: http://secunia.com/advisories/27335

Url: http://www.securityfocus.com/archive/1/482876/100/200/threaded

Url: https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11482

Url: http://www.redhat.com/support/errata/RHSA-2007-0980.html

Url: http://www.debian.org/security/2007/dsa-1396

Url: http://www.ubuntu.com/usn/usn-536-1

Url: http://www.debian.org/security/2007/dsa-1392

Url: http://secunia.com/advisories/27387

Url: http://www.mozilla.org/security/announce/2007/mfsa2007-33.html

Url: http://secunia.com/advisories/28398

Url: http://secunia.com/advisories/27425

Url: http://secunia.com/advisories/27665

Url: https://www.mend.io/vulnerability-database/CVE-2007-5334

Severity Score

3.7

Weakness Type (CWE)

Configuration

CWE-16

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Do you need more information?

Contact Us