CVE-2007-3089

Name	CVE-2007-3089
Description	Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the "promiscuous IFRAME access bug," a related issue to CVE-2006-4568.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-1337-1, DSA-1338-1, DSA-1339-1, DTSA-45-1, DTSA-47-1, DTSA-51-1
Debian Bugs	427691

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
iceape	source	etch	1.0.10~pre070720-0etch1		DSA-1339-1
iceape	source	lenny	1.0.10~pre070720-0etch1+lenny1		DTSA-47-1
iceape	source	(unstable)	1.1.3-1	low
iceweasel	source	etch	2.0.0.5-0etch1		DSA-1338-1
iceweasel	source	lenny	2.0.0.5-0etch1+lenny1		DTSA-45-1
iceweasel	source	(unstable)	2.0.0.5-1	low		427691
xulrunner	source	etch	1.8.0.13~pre070720-0etch1		DSA-1337-1
xulrunner	source	lenny	1.8.0.13~pre070720-0etch3+lenny1		DTSA-51-1
xulrunner	source	(unstable)	1.8.1.5-1	low

Notes

MFSA2007-20