CVE-2007-3089

Severity

43%

Complexity

86%

Confidentiality

48%

Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the "promiscuous IFRAME access bug," a related issue to CVE-2006-4568.

Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the "promiscuous IFRAME access bug," a related issue to CVE-2006-4568.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N).

Overview

First reported 18 years ago

2007-06-06 21:30:00

Last updated 6 years ago

2018-10-16 16:47:00

Affected Software

Mozilla Firefox 0.8

0.8

Mozilla Firefox 0.9

0.9

Mozilla Firefox 0.9.1

0.9.1

Mozilla Firefox 0.9.2

0.9.2

Mozilla Firefox 0.9.3

0.9.3

Mozilla Firefox 0.10

0.10

Mozilla Firefox 0.10.1

0.10.1

Mozilla Firefox 1.0

1.0

Mozilla Firefox 1.0.1

1.0.1

Mozilla Firefox 1.0.2

1.0.2

Mozilla Firefox 1.0.3

1.0.3

Mozilla Firefox 1.0.4

1.0.4

Mozilla Firefox 1.0.5

1.0.5

Mozilla Firefox 1.0.6

1.0.6

Mozilla Firefox 1.0.7

1.0.7

Mozilla Firefox 1.0.8

1.0.8

Mozilla Firefox 1.5

1.5

Mozilla Firefox 1.5.0.1

1.5.0.1

Mozilla Firefox 1.5.0.2

1.5.0.2

Mozilla Firefox 1.5.0.3

1.5.0.3

Mozilla Firefox 1.5.0.4

1.5.0.4

Mozilla Firefox 1.5.0.5

1.5.0.5

Mozilla Firefox 1.5.0.6

1.5.0.6

Mozilla Firefox 1.5.0.7

1.5.0.7

Mozilla Firefox 1.5.0.8

1.5.0.8

Mozilla Firefox 1.5.0.9

1.5.0.9

Mozilla Firefox 1.5.0.10

1.5.0.10

Mozilla Firefox 1.5.0.11

1.5.0.11

Mozilla Firefox 1.5.1

1.5.1

Mozilla Firefox 1.5.2

1.5.2

Mozilla Firefox 1.5.3

1.5.3

Mozilla Firefox 1.5.4

1.5.4

Mozilla Firefox 1.5.5

1.5.5

Mozilla Firefox 1.5.6

1.5.6

Mozilla Firefox 1.5.7

1.5.7

Mozilla Firefox 1.5.8

1.5.8

Mozilla Firefox 2.0

2.0

Mozilla Firefox 2.0.0.1

2.0.0.1

Mozilla Firefox 2.0.0.2

2.0.0.2

Mozilla Firefox 2.0.0.3

2.0.0.3

Mozilla Firefox

References

ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt

20070701-01-P

20070604 Assorted browser vulnerabilities

HPSBUX02153

http://lcamtuf.coredump.cx/ifsnatch/

38024

25589

Vendor Advisory

26072

Vendor Advisory

26095

Vendor Advisory

26103

Vendor Advisory

26106

Vendor Advisory

26107

Vendor Advisory

26149

Vendor Advisory

26151

Vendor Advisory

26159

Vendor Advisory

26179

Vendor Advisory

26204

Vendor Advisory

26205

Vendor Advisory

26211

Vendor Advisory

26216

Vendor Advisory

26258

Vendor Advisory

26271

Vendor Advisory

26460

Vendor Advisory

28135

Vendor Advisory

2781

103177

201516

http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html

DSA-1337

DSA-1338

DSA-1339

GLSA-200708-09

VU#143297

US Government Resource

MDKSA-2007:152

http://www.mozilla.org/security/announce/2007/mfsa2007-20.html

SUSE-SA:2007:049

RHSA-2007:0722

Vendor Advisory

RHSA-2007:0723

Vendor Advisory

RHSA-2007:0724

Vendor Advisory

20070604 Assorted browser vulnerabilities

20070720 rPSA-2007-0148-1 firefox thunderbird

20070724 FLEA-2007-0033-1: firefox thunderbird

24286

1018412

USN-490-1

TA07-199A

US Government Resource

ADV-2007-2564

ADV-2007-4256

https://bugzilla.mozilla.org/show_bug.cgi?id=381300

https://bugzilla.mozilla.org/show_bug.cgi?id=382686

firefox-iframe-security-bypass(34701)

oval:org.mitre.oval:def:11122

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.