Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2007-2871

Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other attacks.

  • Published: Jun 1, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-2871
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
mozilla / firefox 1.5.0.6 1.5.0.6.x
mozilla / seamonkey 1.0.9 1.0.9.x
mozilla / firefox 2.0.0.2 2.0.0.2.x
mozilla / firefox 1.5.0.10 1.5.0.10.x
mozilla / firefox 1.5.0.3 1.5.0.3.x
mozilla / firefox 1.5.0.11 1.5.0.11.x
mozilla / firefox 1.5 1.5.x
mozilla / seamonkey 1.1.2 1.1.2.x
mozilla / firefox 1.5.0.7 1.5.0.7.x
mozilla / firefox 2.0 2.0.x
mozilla / firefox 1.5.0.8 1.5.0.8.x
mozilla / firefox 2.0.0.3 2.0.0.3.x
mozilla / firefox 1.5.0.9 1.5.0.9.x
mozilla / firefox 1.5.0.5 1.5.0.5.x
mozilla / firefox 1.5.0.2 1.5.0.2.x
mozilla / firefox 2.0.0.1 2.0.0.1.x
mozilla / firefox 1.5.0.4 1.5.0.4.x
mozilla / firefox 1.5.0.1 1.5.0.1.x