CVE-2007-5960

Medium

Description

Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 set the Referer header to the address of the window or frame in which the script is running, instead of the address of the content that initiated the script. This allows remote attackers to spoof HTTP Referer headers and bypass Referer-based CSRF protection schemes by setting window.location and using a modal alert dialog, which causes the wrong Referer to be sent.

References

https://www.redhat.com/archives/fedora-package-announce/2007-November/msg01011.html

https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00168.html

https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00135.html

https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00115.html

https://usn.ubuntu.com/546-1/

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9794

https://issues.rpath.com/browse/RPL-1995

https://issues.rpath.com/browse/RPL-1984

https://exchange.xforce.ibmcloud.com/vulnerabilities/38644

http://www.vupen.com/english/advisories/2008/0643

http://www.vupen.com/english/advisories/2008/0083

http://www.vupen.com/english/advisories/2007/4018

http://www.vupen.com/english/advisories/2007/4002

http://www.ubuntu.com/usn/usn-546-2

http://www.securityfocus.com/bid/26589

http://www.securityfocus.com/archive/1/488971/100/0/threaded

http://www.securityfocus.com/archive/1/488002/100/0/threaded

http://www.redhat.com/support/errata/RHSA-2007-1084.html

http://www.redhat.com/support/errata/RHSA-2007-1083.html

http://www.redhat.com/support/errata/RHSA-2007-1082.html

http://www.mozilla.org/security/announce/2007/mfsa2007-39.html

http://www.mandriva.com/security/advisories?name=MDKSA-2007:246

http://www.debian.org/security/2007/dsa-1425

http://www.debian.org/security/2007/dsa-1424

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093

http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0260

http://wiki.rpath.com/Advisories:rPSA-2008-0093

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1

http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374833

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.365006

http://securitytracker.com/id?1018995

http://security.gentoo.org/glsa/glsa-200712-21.xml

http://secunia.com/advisories/29164

http://secunia.com/advisories/28398

http://secunia.com/advisories/28277

http://secunia.com/advisories/28171

http://secunia.com/advisories/28016

http://secunia.com/advisories/28001

http://secunia.com/advisories/27979

http://secunia.com/advisories/27957

http://secunia.com/advisories/27955

http://secunia.com/advisories/27944

http://secunia.com/advisories/27855

http://secunia.com/advisories/27845

http://secunia.com/advisories/27838

http://secunia.com/advisories/27816

http://secunia.com/advisories/27800

http://secunia.com/advisories/27797

http://secunia.com/advisories/27796

http://secunia.com/advisories/27793

http://secunia.com/advisories/27725

http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00004.html

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

http://bugs.gentoo.org/show_bug.cgi?id=200909

http://bugs.gentoo.org/show_bug.cgi?id=198965

http://browser.netscape.com/releasenotes/

Details

Source: Mitre, NVD

Published: 2007-11-26

Updated: 2023-02-13

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Severity: Medium