Your submission was sent successfully! Close

CVE-2007-0981

Published: 16 February 2007

Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.

Priority

Unknown

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream Needs triage

iceape
Launchpad, Ubuntu, Debian
Upstream Needs triage

lightning-sunbird
Launchpad, Ubuntu, Debian
Upstream Needs triage

midbrowser
Launchpad, Ubuntu, Debian
Upstream Needs triage

xulrunner
Launchpad, Ubuntu, Debian
Upstream Needs triage