Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2007-3089

Published: 6 June 2007

Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the "promiscuous IFRAME access bug," a related issue to CVE-2006-4568.

Priority

Unknown

Status

Package Release Status
midbrowser
Launchpad, Ubuntu, Debian
dapper Does not exist

edgy Does not exist

feisty Does not exist

upstream Needs triage

firefox
Launchpad, Ubuntu, Debian
dapper
Released (1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1)
edgy
Released (2.0.0.6+0dfsg-0ubuntu0.6.10)
feisty
Released (2.0.0.6+1-0ubuntu1)
upstream Needs triage

iceape
Launchpad, Ubuntu, Debian
dapper Does not exist

edgy Does not exist

feisty Does not exist

upstream Needs triage