CVE-2005-2707

NameCVE-2005-2707
DescriptionFirefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-838-1, DSA-866-1, DSA-868-1
NVD severitymedium (attack range: remote)
Debian Bugs329778
Debian/oldstablenot known to be vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mozillasource(unstable)2:1.7.12-1medium
mozillasourcesarge1:1.7.8-1sarge3mediumDSA-866-1
mozillasourcewoody(unfixed)mediumDSA-866-1
mozilla-firefoxsource(unstable)1.0.7-1medium329778
mozilla-firefoxsourcesarge1.0.4-2sarge5mediumDSA-838-1
mozilla-thunderbirdsource(unstable)1.0.7-1medium
mozilla-thunderbirdsourcesarge1.0.2-2.sarge1.0.7mediumDSA-868-1

Search for package or bug name: Reporting problems