mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
365 lines
13 KiB
JSON
365 lines
13 KiB
JSON
{
|
|
"id": "CVE-2007-3285",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2007-06-20T19:30:00.000",
|
|
"lastModified": "2019-10-09T22:53:14.527",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extension, which causes Firefox to treat the requested file differently than Windows would."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Mozilla Firefox versiones anteriores a 2.0.0.5, cuando se ejecuta en Windows, permite a atacantes remotos omitir las comprobaciones del tipo de archivo y posiblemente ejecutar programas por medio de un URI (1) file:/// o (2) resource: con una extensi\u00f3n peligrosa, seguido de un byte NULL (%00) y una extensi\u00f3n m\u00e1s segura, lo que hace que Firefox trate el archivo solicitado de manera diferente a como lo har\u00eda Windows."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 6.8
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": true,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-264"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "2.0.0.4",
|
|
"matchCriteriaId": "C99BB6C8-1877-4B70-B6EF-952E200ABABE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "93C142C5-3A85-432B-80D6-2E7B1B4694F4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2434FCE7-A50B-4527-9970-C7224B31141C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "429ECA02-DBCD-45FB-942C-CA4BC1BC8A72"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B5F0DC80-5473-465C-9D7F-9589F1B78E12"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "567FF916-7DE0-403C-8528-7931A43E0D18"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "010B34F4-910E-4515-990B-8E72DF009578"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8FAA1A89-E8D9-46D0-8E2C-9259920ACBFE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4F2938F2-A801-45E5-8E06-BE03DE03C8A7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "84D15CE0-69DF-4EFD-801E-96A4D6AABEDB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CEE203DE-6C0E-4FDE-9C3A-0E73430F17DA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F2F38886-C25A-4C6B-93E7-36461405BA99"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C65D2670-F37F-48CB-804A-D35BB1C27D9F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DE8E5194-7B34-4802-BDA6-6A86EB5EDE05"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FABA5F56-99F7-4F8F-9CC1-5B0B2EB72922"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2917BD67-CE81-4B94-B241-D4A9DDA60319"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A524A94E-F19B-42B9-AA8E-171751C339AA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F71436CF-F756-44E0-8E69-6951F6B3E54A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "582EE839-B83F-4908-9780-D0C92DC44FD0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BCB35099-B04E-4796-A25D-953329FE62F3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5DBEBCFD-80D6-466A-BAEF-C75E65A3B12E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C30ACBCA-4FA1-46DE-8F15-4830BC27E160"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9453EF65-7C69-449E-BF7C-4FECFB56713E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4AA75825-21CF-475B-8040-126A13FA2216"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CA97C80E-17FA-4866-86CE-29886145ED80"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7DE24BED-202E-416D-B5F2-8207D97B9939"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "04198E04-CE1D-4A5A-A20C-D1E135B45F94"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3487FA64-BE04-42CA-861E-3DAC097D7D32"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A956C036-1E47-49B2-A971-69868A510B75"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F5AA254D-D41E-464F-9E2A-A950F08C6946"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B05D2655-6641-42BE-9793-30005AC9D40D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F3D956DC-C73B-439F-8D79-8239207CC76F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "57E2C7E7-56C0-466C-BB08-5EB43922C4F9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "462E135A-5616-46CC-A9C0-5A7A0526ACC6"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.0x000000.com/?i=333",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:152",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-22.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.novell.com/linux/security/advisories/2007_49_mozilla.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/24447",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id?1018413",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.ubuntu.com/usn/usn-490-1",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2007/4256",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=383478",
|
|
"source": "secalert@redhat.com"
|
|
}
|
|
]
|
|
} |