CVE-2007-3737

Advisory lineage Upstream: 0 Downstream: 12

Downstream

DSA-1337-1 DSA-1338-1 DSA-1339-1 DTSA-45-1 DTSA-47-1 DTSA-51-1

Modified

Published: 18 Jul 2007, 17:00

Last modified:07 Aug 2024, 14:28

Vulnerability Summary

Overall Risk (default)

high

70/100

CVSS Score

9.3 HIGH

v2.0 (nvd)

EPSS Score

10.03% MEDIUM

10% probability +0.35%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

18 Jul 2007, 17:00

Published

Vulnerability first disclosed

07 Aug 2024, 14:28

Last Modified

Vulnerability information updated

Description

Mozilla Firefox before 2.0.0.5 allows remote attackers to execute arbitrary code with chrome privileges by calling an event handler from an unspecified "element outside of a document."

CVSS Metrics

v2.0•HIGH•Score: 9.3AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 10.03%• Percentile: 93%

Affected Systems

Unknown•Firefox
2.0 | 2.0.0.1 | 2.0.0.2 | 2.0.0.3 | 2.0.0.4

References (43)

http://www.ubuntu.com/usn/usn-490-1
http://secunia.com/advisories/26107
http://secunia.com/advisories/26179
http://www.vupen.com/english/advisories/2007/4256
http://secunia.com/advisories/25589
http://www.securitytracker.com/id?1018409
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://www.mandriva.com/security/advisories?name=MDKSA-2007:152
http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml
http://www.debian.org/security/2007/dsa-1339
http://www.mozilla.org/security/announce/2007/mfsa2007-21.html
http://secunia.com/advisories/26151
http://secunia.com/advisories/28135
http://secunia.com/advisories/26216
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10009
http://secunia.com/advisories/26103
http://secunia.com/advisories/26072
http://secunia.com/advisories/26149
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1
http://www.vupen.com/english/advisories/2007/2564
http://www.debian.org/security/2007/dsa-1337
http://secunia.com/advisories/26211
http://secunia.com/advisories/26159
http://www.novell.com/linux/security/advisories/2007_49_mozilla.html
http://www.debian.org/security/2007/dsa-1338
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/35461
http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html
http://secunia.com/advisories/26095
http://www.securityfocus.com/archive/1/474542/100/0/threaded
http://secunia.com/advisories/26258
http://www.securityfocus.com/bid/24946
http://secunia.com/advisories/26460
http://secunia.com/advisories/26106
ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc
http://www.redhat.com/support/errata/RHSA-2007-0724.html
http://www.securityfocus.com/archive/1/474226/100/0/threaded
http://www.redhat.com/support/errata/RHSA-2007-0723.html
http://secunia.com/advisories/26271
http://www.redhat.com/support/errata/RHSA-2007-0722.html
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
http://secunia.com/advisories/26204
http://secunia.com/advisories/26205