CVE-2005-2707

NameCVE-2005-2707
DescriptionFirefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.
SourceCVE (at NVD; LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-838-1, DSA-866-1, DSA-868-1
NVD severitymedium (attack range: remote)
Debian Bugs329778

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mozillasource(unstable)2:1.7.12-1medium
mozillasourcesarge1:1.7.8-1sarge3mediumDSA-866-1
mozillasourcewoody(unfixed)mediumDSA-866-1
mozilla-firefoxsource(unstable)1.0.7-1medium329778
mozilla-firefoxsourcesarge1.0.4-2sarge5mediumDSA-838-1
mozilla-thunderbirdsource(unstable)1.0.7-1medium
mozilla-thunderbirdsourcesarge1.0.2-2.sarge1.0.7mediumDSA-868-1

Search for package or bug name: Reporting problems