CVE-2007-0981

Priority
Untriaged
Description
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before
2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the
same origin policy, steal cookies, and conduct other attacks by writing a
URI with a null byte to the hostname (location.hostname) DOM property, due
to interactions with DNS resolver code.
References
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (0.1.6b-0ubuntu2)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (1.8.0.10-3ubuntu1)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (0.5-0ubuntu4)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):not-affected
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:17:41 UTC (commit 5347)