[VU:349217] Mozilla XUL web applications may hide the titlebar
Severity
Medium
CVEs
1
Overview
Mozilla's XUL contains a vulnerability that may allow a web application to cover an active window's titlebar.
Impact
An attacker may be able to create phishing or spoofed websites.
Solution
Upgrade
Mozilla has released Firefox 2.0.0.8 and SeaMonkey 1.1.5 to address this issue.
Acknowledgements
Thanks to Mozilla for information that was used in this report. Mozilla credits Eli Friedman for discovering this vulnerability.
- ID
- VU:349217
- Severity
- medium
- Severity from
- CVE-2007-5334
- URL
- https://kb.cert.org/vuls/id/349217
- Published
-
2007-10-19T18:32:19
(17 years ago) - Modified
-
2007-10-19T19:05:13
(17 years ago) - Rights
- Copyright 2007, CERT Coordination Center (CERT/CC)
- Other Advisories
ELSA-2007-0979
FEDORA-2007-2601
GLSA-200711-14
USN-535-1| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |