Launchpad.net

CVE 2007-3089

Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the "promiscuous IFRAME access bug," a related issue to CVE-2006-4568.

Related bugs and status

CVE-2007-3089 (Candidate) is related to these bugs:

Bug #126727: [Firefox] security update release 2.0.0.5 available from upstream

Summary				In	Importance	Status
	126727	[Firefox] security update release 2.0.0.5 available from upstream		firefox (Ubuntu)	Undecided	Fix Released

Bug #469752: firefox,3.5/3.6 startup-notification bug

		In	Importance	Status
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Ubuntu)	Medium	Invalid
469752	firefox,3.5/3.6 startup-notification bug	Mozilla Firefox	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Suse)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox (Ubuntu)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox (Ubuntu Lucid)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Ubuntu Lucid)	Medium	Invalid

See the

CVE page on Mitre.org for more details.

References

FULLDISC: 20070604 Assorted brow...
MISC: http://lcamtuf.coredum...
CONFIRM: https://bugzilla.mozil...
CONFIRM: https://bugzilla.mozil...
BID: 24286
CERT-VN: VU#143297
MISC: https://bugzilla.mozil...
MISC: https://bugzilla.mozil...
CONFIRM: http://www.mozilla.org...
SECUNIA: 26095
CONFIRM: ftp://ftp.slackware.co...
DEBIAN: DSA-1337
DEBIAN: DSA-1338
REDHAT: RHSA-2007:0722
REDHAT: RHSA-2007:0723
REDHAT: RHSA-2007:0724
UBUNTU: USN-490-1
SECTRACK: 1018412
SECUNIA: 26103
SECUNIA: 26106
SECUNIA: 26107
SECUNIA: 25589
SECUNIA: 26179
SECUNIA: 26149
SECUNIA: 26151
SECUNIA: 26072
CONFIRM: http://support.novell....
DEBIAN: DSA-1339
SGI: 20070701-01-P
SECUNIA: 26211
SECUNIA: 26216
SECUNIA: 26204
SECUNIA: 26205
SECUNIA: 26159
SUSE: SUSE-SA:2007:049
SECUNIA: 26271
SECUNIA: 26258
GENTOO: GLSA-200708-09
SECUNIA: 26460
SREASON: 2781
MANDRIVA: MDKSA-2007:152
CERT: TA07-199A
HP: HPSBUX02153
HP: SSRT061181
SUNALERT: 103177
SECUNIA: 28135
SUNALERT: 201516
VUPEN: ADV-2007-2564
VUPEN: ADV-2007-4256
OSVDB: 38024
XF: firefox-iframe-securit...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20070604 Assorted brow...
BUGTRAQ: 20070720 rPSA-2007-014...
BUGTRAQ: 20070724 FLEA-2007-003...