CVE-2007-0800

Publication date 7 February 2007

Last updated 17 July 2025

Ubuntu priority

Medium

Why this priority?

Description

Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.

Status

Package Ubuntu Release Status
firefox 7.10 gutsy
Not affected
7.04 feisty
Fixed 2.0.0.6+1-0ubuntu1
6.10 edgy
Fixed 2.0.0.6+0dfsg-0ubuntu0.6.10
6.06 LTS dapper
Fixed 1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1
iceape 7.10 gutsy
Fixed 1.1.4-1ubuntu2
7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
lightning-sunbird 7.10 gutsy
Fixed 0.5-0ubuntu4
7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
midbrowser 7.10 gutsy
Fixed 0.1.6b-0ubuntu2
7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
xulrunner 7.10 gutsy
Fixed 1.8.0.10-3ubuntu1
7.04 feisty
Fixed 1.8.0.10-3ubuntu1
6.10 edgy Ignored end of life, was needed
6.06 LTS dapper Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-428-1
    • Firefox vulnerabilities
    • 1 March 2007

Other references