CVE-2005-2707

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.

Published: Sep 23, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-2707
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mozilla / firefox	1.0.2	1.0.2.x
mozilla / firefox	-	1.0.6.x
mozilla / mozilla_suite	-	1.7.11.x
mozilla / mozilla_suite	1.7.10	1.7.10.x
mozilla / firefox	1.0.4	1.0.4.x
mozilla / mozilla_suite	1.7.8	1.7.8.x
mozilla / firefox	1.0	1.0.x
mozilla / firefox	1.0.1	1.0.1.x
mozilla / firefox	1.0.3	1.0.3.x
mozilla / mozilla_suite	1.7.7	1.7.7.x
mozilla / mozilla_suite	1.7.6	1.7.6.x
mozilla / firefox	1.0.5	1.0.5.x

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://secunia.com/advisories/16911
http://secunia.com/advisories/16917
http://secunia.com/advisories/16977
http://secunia.com/advisories/17014
http://secunia.com/advisories/17026
http://secunia.com/advisories/17042
http://secunia.com/advisories/17090
http://secunia.com/advisories/17149
http://secunia.com/advisories/17263
http://secunia.com/advisories/17284
http://secunia.com/advisories/19823
http://securitytracker.com/id?1014954
http://www.debian.org/security/2005/dsa-838
http://www.debian.org/security/2005/dsa-866
http://www.debian.org/security/2005/dsa-868
http://www.mandriva.com/security/advisories?name=MDKSA-2005:169
http://www.mandriva.com/security/advisories?name=MDKSA-2005:170
http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
http://www.mozilla.org/security/announce/mfsa2005-59.html
http://www.novell.com/linux/security/advisories/2005_58_mozilla.html
http://www.novell.com/linux/security/advisories/2006_04_25.html
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
http://www.redhat.com/support/errata/RHSA-2005-785.html
http://www.redhat.com/support/errata/RHSA-2005-789.html
http://www.redhat.com/support/errata/RHSA-2005-791.html
http://www.securityfocus.com/bid/14919
http://www.securityfocus.com/bid/15495
http://www.vupen.com/english/advisories/2005/1824
https://exchange.xforce.ibmcloud.com/vulnerabilities/22380
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11130
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1197

Vulnerability Database

289,697

CVE-2005-2707