1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
PublicDate: 2007-02-26
Candidate: CVE-2007-0996
References:
http://www.ubuntu.com/usn/usn-428-1
Description:
The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2,
and SeaMonkey before 1.0.8 inherit the default charset from the parent
window, which allows remote attackers to conduct cross-site scripting (XSS)
attacks, as demonstrated using the UTF-7 character set.
Ubuntu-Description:
Notes:
Bugs:
dapper_midbrowser: DNE
edgy_midbrowser: DNE
feisty_midbrowser: DNE
devel_midbrowser: released (0.1.6b-0ubuntu2)
dapper_lightning-sunbird: DNE
edgy_lightning-sunbird: DNE
feisty_lightning-sunbird: DNE
devel_lightning-sunbird: released (0.5-0ubuntu4)
dapper_firefox: released (1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1)
edgy_firefox: released (2.0.0.6+0dfsg-0ubuntu0.6.10)
feisty_firefox: released (2.0.0.6+1-0ubuntu1)
devel_firefox: not-affected
upstream_firefox:
upstream_lightning-sunbird:
upstream_midbrowser:
|