admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-35xx/CVE-2007-3511.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

342 lines
12 KiB
JSON
Raw Blame History

{
"id": "CVE-2007-3511",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-07-03T10:30:00.000",
"lastModified": "2018-10-15T21:29:03.627",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the \"for\" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field."
},
{
"lang": "es",
"value": "El manejo del enfoque para el evento onkeydown en Mozilla Firefox versiones 1.5.0.12, 2.0.0.0.4 y otras versiones anteriores a 2.0.0.8, y SeaMonkey versiones anteriores a 1.1.5, permite a atacantes remotos cambiar el enfoque del campo y copiar las pulsaciones de teclas por medio del atributo \"for\" en una etiqueta, lo que omite la prevenci\u00f3n del enfoque, tal y como es demostrado cambiando el enfoque desde un \u00e1rea de texto hacia un campo de carga de archivos."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.0.0.7",
"matchCriteriaId": "5A383873-7B11-41FA-A64D-8526370456F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "824369CF-00A0-434E-94BC-71CA1317012C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6121F9C1-F4DF-4AAB-9E51-AC1592AA5639"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "58D44634-A0B5-4F05-8983-B08D392EC742"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB3AC3D3-FDD7-489F-BDCF-BDB55DF33A8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.1.4",
"matchCriteriaId": "BB0F8C75-4934-453B-B502-8D0B6E9873EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09E18FC0-0C8C-4FA1-85B9-B868D00F002F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:beta:*:*:*:*:*",
"matchCriteriaId": "30B95DB4-EC98-4046-A894-26CA0807456B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*",
"matchCriteriaId": "55344F76-1C42-4DD8-A28B-1C33626C6FD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "4A97B6E1-EABA-4977-A3FC-64DF0392AA95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6521C877-63C9-4B6E-9FC9-1263FFBB7950"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D949DF0A-CBC2-40E1-AE6C-60E6F58D2481"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5CDA57-1A50-4EDB-80E2-D3EBB44EA653"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22D33486-4956-4E2C-BA16-FA269A9D02BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3104343E-93B6-4D4A-BC95-ED9F7E91FB6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "381313EF-DF84-4F66-9962-DE8F45029D79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A0228476-14E4-443C-BBAE-2C9CD8594DC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A803A500-DCE2-44FC-ABEB-A90A1D39D85C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "022274DE-5251-49C9-B6E5-1D8CEDC34E7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E99882-786F-455F-BAC4-30716120964A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B9F84CB7-93F7-4912-BC87-497867B96491"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "40270FBD-744A-49D9-9FFA-1DCD897210D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "20E01097-F60A-4FB2-BA47-84A267EE87D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7F65732F-317B-49A2-B9B0-FA1102B8B45C"
}
]
}
]
}
],
"references": [
{
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html",
"source": "cve@mitre.org"
},
{
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html",
"source": "cve@mitre.org"
},
{
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742",
"source": "cve@mitre.org"
},
{
"url": "http://securitytracker.com/id?1018837",
"source": "cve@mitre.org"
},
{
"url": "http://sla.ckers.org/forum/read.php?3,13142",
"source": "cve@mitre.org"
},
{
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1",
"source": "cve@mitre.org"
},
{
"url": "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2007/dsa-1392",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2007/dsa-1396",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2007/dsa-1401",
"source": "cve@mitre.org"
},
{
"url": "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202",
"source": "cve@mitre.org"
},
{
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-32.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2007-0979.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2007-0980.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2007-0981.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/482876/100/200/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/482925/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/482932/100/200/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/24725",
"source": "cve@mitre.org"
},
{
"url": "http://www.ubuntu.com/usn/usn-536-1",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2007/3544",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2007/3587",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/0083",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://yathong.googlepages.com/FirefoxFocusBug.html",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35299",
"source": "cve@mitre.org"
},
{
"url": "https://issues.rpath.com/browse/RPL-1858",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763",
"source": "cve@mitre.org"
},
{
"url": "https://usn.ubuntu.com/535-1/",
"source": "cve@mitre.org"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink