Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista

Mozilla Firefox and SeaMonkey Windows.Location Property HTTP Referer Header Spoofing Weakness

Bugtraq ID: 26589
Class: Race Condition Error
CVE: CVE-2007-5960
Remote: Yes
Local: No
Published: Nov 26 2007 12:00AM
Updated: Mar 13 2008 01:51AM
Credit: Gregory Fleischer is credited with the discovery of this vulnerability.
Vulnerable: Ubuntu Ubuntu Linux 7.10 sparc
Ubuntu Ubuntu Linux 7.10 powerpc
Ubuntu Ubuntu Linux 7.10 i386
Ubuntu Ubuntu Linux 7.10 amd64
Ubuntu Ubuntu Linux 7.04 sparc
Ubuntu Ubuntu Linux 7.04 powerpc
Ubuntu Ubuntu Linux 7.04 i386
Ubuntu Ubuntu Linux 7.04 amd64
Ubuntu Ubuntu Linux 6.10 sparc
Ubuntu Ubuntu Linux 6.10 powerpc
Ubuntu Ubuntu Linux 6.10 i386
Ubuntu Ubuntu Linux 6.10 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Slackware Linux 10.2
Slackware Linux 12.0
Slackware Linux 11.0
S.u.S.E. SUSE Linux Enterprise Server 10 SP1
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.0 x86-64
S.u.S.E. Linux 10.0 x86
rPath rPath Linux 1
RedHat Fedora 8 0
RedHat Fedora 7 0
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux Virtualization 5 server
RedHat Enterprise Linux Optional Productivity Application 5 server
RedHat Enterprise Linux ES 4.6.z
RedHat Enterprise Linux ES 4.5.z
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux AS 4.6.z
RedHat Enterprise Linux AS 4.5.z
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1
RedHat Enterprise Linux 5 server
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1
Netscape Navigator 9.0 3
Netscape Navigator 9.0 2
Netscape Navigator 9.0 1
Netscape Navigator 9.0
Mozilla SeaMonkey 1.1.6
Mozilla SeaMonkey 1.1.5
Mozilla SeaMonkey 1.1.4
Mozilla SeaMonkey 1.1.3
Mozilla SeaMonkey 1.1.2
Mozilla SeaMonkey 1.1.1
Mozilla SeaMonkey 1.0.99
Mozilla SeaMonkey 1.0.9
Mozilla SeaMonkey 1.0.8
Mozilla SeaMonkey 1.0.7
Mozilla SeaMonkey 1.0.6
Mozilla SeaMonkey 1.0.5
Mozilla SeaMonkey 1.0.3
Mozilla SeaMonkey 1.0.2
Mozilla SeaMonkey 1.0.1
Mozilla SeaMonkey 1.1 beta
Mozilla SeaMonkey 1.0 dev
Mozilla SeaMonkey 1.0
Mozilla Firefox 2.0 8
Mozilla Firefox 2.0 .9
Mozilla Firefox 2.0 .7
Mozilla Firefox 2.0 .6
Mozilla Firefox 2.0 .5
Mozilla Firefox 2.0 .4
Mozilla Firefox 2.0 .3
Mozilla Firefox 2.0 .1
Mozilla Firefox 1.5 beta 2
Mozilla Firefox 1.5 beta 1
Mozilla Firefox 1.5 12
Mozilla Firefox 1.5 .8
Mozilla Firefox 1.5 .6
Mozilla Firefox 1.5
Mozilla Firefox 1.5
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0 RC3
Mozilla Firefox 2.0 RC2
Mozilla Firefox 2.0 beta 1
Mozilla Firefox 2.0
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.11
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.1
MandrakeSoft Linux Mandrake 2008.0 x86_64
MandrakeSoft Linux Mandrake 2008.0
MandrakeSoft Linux Mandrake 2007.1 x86_64
MandrakeSoft Linux Mandrake 2007.1
MandrakeSoft Linux Mandrake 2007.0 x86_64
MandrakeSoft Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
Gentoo Linux
Foresight Linux Foresight Linux 1.1
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Avaya Messaging Storage Server MSS 3.0
Avaya Messaging Application Server MM 3.1
Avaya Intuity AUDIX LX 2.0
Not Vulnerable: Netscape Navigator 9.0 4
Mozilla SeaMonkey 1.1.7
Mozilla Firefox 2.0.0.10







 

Privacy Statement
Copyright 2008, SecurityFocus