CVE-2007-3736

CVSS v2.0 4.3 (Medium)

EPSS 44.52 % (97^th)

Affected Products 1

Advisories 13

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed.

Weaknesses

CWE-NVD-Other

Related CVEs

CVE-2010-0171

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2007-07-18 17:30:00
(17 years ago)
Updated Date: 2018-10-15 21:30:24
(6 years ago)

Affected Products

Mozilla

Firefox

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox 2.0	cpe:2.3:a:mozilla:firefox:2.0
	Mozilla Firefox 2.0.0.1	cpe:2.3:a:mozilla:firefox:2.0.0.1
	Mozilla Firefox 2.0.0.2	cpe:2.3:a:mozilla:firefox:2.0.0.2
	Mozilla Firefox 2.0.0.3	cpe:2.3:a:mozilla:firefox:2.0.0.3
	Mozilla Firefox 2.0.0.4	cpe:2.3:a:mozilla:firefox:2.0.0.4