Vulnerability Description
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | 0.8 |
| Mozilla | Seamonkey | 1.0 |
References
- ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
- ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
- http://fedoranews.org/cms/node/2713
- http://fedoranews.org/cms/node/2728
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
- http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
- http://osvdb.org/32109
- http://rhn.redhat.com/errata/RHSA-2007-0077.html
- http://secunia.com/advisories/24205Vendor Advisory
- http://secunia.com/advisories/24238Vendor Advisory
- http://secunia.com/advisories/24287Vendor Advisory
- http://secunia.com/advisories/24290Vendor Advisory
- http://secunia.com/advisories/24293Vendor Advisory
- http://secunia.com/advisories/24320Vendor Advisory
- http://secunia.com/advisories/24328Vendor Advisory
FAQ
What is CVE-2007-0779?
CVE-2007-0779 is a vulnerability with a CVSS score of 6.4 (MEDIUM). GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host...
How severe is CVE-2007-0779?
CVE-2007-0779 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0779?
Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox, Mozilla Seamonkey.