Vulnerability Description
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | <= 1.0.6 |
| Mozilla | Mozilla Suite | <= 1.7.11 |
References
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
- http://secunia.com/advisories/16911
- http://secunia.com/advisories/16917
- http://secunia.com/advisories/16977
- http://secunia.com/advisories/17014
- http://secunia.com/advisories/17026
- http://secunia.com/advisories/17042
- http://secunia.com/advisories/17090
- http://secunia.com/advisories/17149
- http://secunia.com/advisories/17263
- http://secunia.com/advisories/17284
- http://secunia.com/advisories/19823
- http://securitytracker.com/id?1014954
- http://www.debian.org/security/2005/dsa-838
- http://www.debian.org/security/2005/dsa-866
FAQ
What is CVE-2005-2707?
CVE-2005-2707 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoof...
How severe is CVE-2005-2707?
CVE-2005-2707 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2707?
Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox, Mozilla Mozilla Suite.