Unrated severityNVD Advisory· Published Feb 26, 2007· Updated Apr 23, 2026
CVE-2007-0780
CVE-2007-0780
Description
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.
Affected products
5cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
47- www.mozilla.org/security/announce/2007/mfsa2007-05.htmlnvdPatchVendor Advisory
- rhn.redhat.com/errata/RHSA-2007-0077.htmlnvdThird Party Advisory
- secunia.com/advisories/24205nvdThird Party Advisory
- secunia.com/advisories/24238nvdThird Party Advisory
- secunia.com/advisories/24287nvdThird Party Advisory
- secunia.com/advisories/24290nvdThird Party Advisory
- secunia.com/advisories/24293nvdThird Party Advisory
- secunia.com/advisories/24320nvdThird Party Advisory
- secunia.com/advisories/24328nvdThird Party Advisory
- secunia.com/advisories/24333nvdThird Party Advisory
- secunia.com/advisories/24342nvdThird Party Advisory
- secunia.com/advisories/24343nvdThird Party Advisory
- secunia.com/advisories/24384nvdThird Party Advisory
- secunia.com/advisories/24393nvdThird Party Advisory
- secunia.com/advisories/24395nvdThird Party Advisory
- secunia.com/advisories/24437nvdThird Party Advisory
- secunia.com/advisories/24455nvdThird Party Advisory
- secunia.com/advisories/24457nvdThird Party Advisory
- secunia.com/advisories/24650nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-200703-04.xmlnvdThird Party Advisory
- slackware.com/security/viewer.phpnvdMailing ListThird Party Advisory
- slackware.com/security/viewer.phpnvdMailing ListThird Party Advisory
- www.gentoo.org/security/en/glsa/glsa-200703-08.xmlnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2007-0078.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2007-0079.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2007-0097.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2007-0108.htmlnvdThird Party Advisory
- www.securityfocus.com/archive/1/461336/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/461809/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/22694nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-428-1nvdThird Party Advisory
- www.vupen.com/english/advisories/2007/0718nvdThird Party Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/32667nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884nvdThird Party Advisory
- patches.sgi.com/support/free/security/advisories/20070202-01-P.ascnvdBroken Link
- patches.sgi.com/support/free/security/advisories/20070301-01-P.ascnvdBroken Link
- fedoranews.org/cms/node/2713nvdBroken Link
- fedoranews.org/cms/node/2728nvdBroken Link
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvdBroken Link
- lists.suse.com/archive/suse-security-announce/2007-Mar/0001.htmlnvdBroken Link
- www.novell.com/linux/security/advisories/2007_22_mozilla.htmlnvdBroken Link
- www.osvdb.org/32107nvdBroken Link
- issues.rpath.com/browse/RPL-1081nvdBroken Link
- issues.rpath.com/browse/RPL-1103nvdBroken Link
News mentions
0No linked articles in our index yet.