Configuration Affecting epiphany-browser package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN11-EPIPHANYBROWSER-525624
- published 23 Feb 2007
- disclosed 23 Feb 2007
Introduced: 23 Feb 2007
CVE-2007-1084 Open this link in a new tabHow to fix?
There is no fixed version for Debian:11 epiphany-browser.
NVD Description
Note: Versions mentioned in the description apply only to the upstream epiphany-browser package and not the epiphany-browser package as distributed by Debian.
See How to fix? for Debian:11 relevant fixed versions and status.
Mozilla Firefox 2.0.0.1 and earlier does not prompt users before saving bookmarklets, which allows remote attackers to bypass the same-domain policy by tricking a user into saving a bookmarklet with a data: scheme, which is executed in the context of the last visited web page.
References
- https://security-tracker.debian.org/tracker/CVE-2007-1084
- http://www.securityfocus.com/archive/1/460885/100/0/threaded
- http://www.securityfocus.com/archive/1/460890/100/0/threaded
- http://www.securityfocus.com/archive/1/460896/100/0/threaded
- http://www.securityfocus.com/archive/1/461021/100/0/threaded
- http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0490.html
- http://lcamtuf.coredump.cx/ffbook
- http://lcamtuf.coredump.cx/ffbook/
- http://www.heise-security.co.uk/news/85728
- http://osvdb.org/33803
- https://bugzilla.mozilla.org/show_bug.cgi?id=371179
- http://www.securityfocus.com/bid/22666
- http://securityreason.com/securityalert/2304