Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2007-0995

Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.

  • Published: Feb 26, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-0995
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
mozilla / seamonkey - 1.0.7.x
mozilla / firefox 1.5.0.10 1.5.0.10.x
mozilla / firefox 2.0 2.0.x
mozilla / firefox 2.0.0.1 2.0.0.1.x