| Name | CVE-2007-0779 |
| Description | GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| iceape | source | (unstable) | 1.0.8-1 | low | ||
| iceweasel | source | (unstable) | 2.0.0.2+dfsg-1 | low | ||
| mozilla | source | sarge | (not affected) | |||
| xulrunner | source | (unstable) | 1.8.0.10-1 | low |
MFSA-2007-04
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <not-affected> (introduced in firefox 1.5)