CVE-2007-0779

NameCVE-2007-0779
DescriptionGUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
iceapesource(unstable)1.0.8-1low
iceweaselsource(unstable)2.0.0.2+dfsg-1low
mozillasourcesarge(not affected)
xulrunnersource(unstable)1.8.0.10-1low

Notes

MFSA-2007-04
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <not-affected> (introduced in firefox 1.5)

Search for package or bug name: Reporting problems