CVE-2007-0995

Common Vulnerabilities and Exposures

Upstream information

CVE-2007-0995 at MITRE

Description

Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.

NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Novell/SUSE information

Novell Bugzilla entry: 244923

SUSE Security Advisories:

SUSE-SA:2007:019, published Tue, 06 Mar 2007 18:00:00 +0000
SUSE-SA:2007:022, published Tue, 20 Mar 2007 11:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
SUSE LINUX 10.1	`seamonkey >= 1.0.8-0.1` `seamonkey-calendar >= 1.0.8-0.1` `seamonkey-dom-inspector >= 1.0.8-0.1` `seamonkey-irc >= 1.0.8-0.1` `seamonkey-mail >= 1.0.8-0.1` `seamonkey-spellchecker >= 1.0.8-0.1` `seamonkey-venkman >= 1.0.8-0.1`
Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64	`MozillaFirefox >= 1.5.0.10-0.2` `MozillaFirefox-translations >= 1.5.0.10-0.2`	Builds YOU Patch Nr: 11446
Novell Linux Desktop 9 for x86	`mozilla >= 1.8_seamonkey_1.0.8-0.1` `mozilla-cs >= 1.8_seamonkey_1.0.4-0.4` `mozilla-deat >= 1.8_seamonkey_1.0.4-0.4` `mozilla-devel >= 1.8_seamonkey_1.0.8-0.1` `mozilla-dom-inspector >= 1.8_seamonkey_1.0.8-0.1` `mozilla-hu >= 1.80_seamonkey_1.0.4-2` `mozilla-irc >= 1.8_seamonkey_1.0.8-0.1` `mozilla-mail >= 1.8_seamonkey_1.0.8-0.1` `mozilla-venkman >= 1.8_seamonkey_1.0.8-0.1`	core9.s390 core9.x86 YOU Patch Nr: 11458
Novell Linux Desktop 9 for x86_64	`mozilla >= 1.8_seamonkey_1.0.8-0.1` `mozilla-cs >= 1.8_seamonkey_1.0.4-0.4` `mozilla-deat >= 1.8_seamonkey_1.0.4-0.4` `mozilla-devel >= 1.8_seamonkey_1.0.8-0.1` `mozilla-dom-inspector >= 1.8_seamonkey_1.0.8-0.1` `mozilla-hu >= 1.80_seamonkey_1.0.4-2` `mozilla-irc >= 1.8_seamonkey_1.0.8-0.1` `mozilla-lib64 >= 1.6-0.8` `mozilla-mail >= 1.8_seamonkey_1.0.8-0.1` `mozilla-venkman >= 1.8_seamonkey_1.0.8-0.1`	core9.s390 core9.x86 YOU Patch Nr: 11458
Open Enterprise Server	`mozilla >= 1.8_seamonkey_1.0.8-0.1` `mozilla-calendar >= 1.8_seamonkey_1.0.8-0.1` `mozilla-cs >= 1.8_seamonkey_1.0.4-0.4` `mozilla-deat >= 1.8_seamonkey_1.0.4-0.4` `mozilla-devel >= 1.8_seamonkey_1.0.8-0.1` `mozilla-dom-inspector >= 1.8_seamonkey_1.0.8-0.1` `mozilla-hu >= 1.80_seamonkey_1.0.4-2` `mozilla-irc >= 1.8_seamonkey_1.0.8-0.1` `mozilla-mail >= 1.8_seamonkey_1.0.8-0.1` `mozilla-venkman >= 1.8_seamonkey_1.0.8-0.1`	core9.s390 core9.x86 YOU Patch Nr: 11458
SUSE LINUX 10.0 SUSE LINUX 10.1 SUSE LINUX 9.3	`MozillaFirefox >= 1.5.0.10-0.2` `MozillaFirefox-translations >= 1.5.0.10-0.2`
SUSE LINUX 10.0	`mozilla >= 1.8_seamonkey_1.0.8-0.1` `mozilla-calendar >= 1.8_seamonkey_1.0.8-0.1` `mozilla-devel >= 1.8_seamonkey_1.0.8-0.1` `mozilla-dom-inspector >= 1.8_seamonkey_1.0.8-0.1` `mozilla-irc >= 1.8_seamonkey_1.0.8-0.1` `mozilla-ko >= 1.75-3.2` `mozilla-mail >= 1.8_seamonkey_1.0.8-0.1` `mozilla-spellchecker >= 1.8_seamonkey_1.0.8-0.1` `mozilla-venkman >= 1.8_seamonkey_1.0.8-0.1` `mozilla-zh-CN >= 1.7-6.2` `mozilla-zh-TW >= 1.7-6.2`
SUSE LINUX 9.3	`galeon >= 2.0.0-28.2` `mozilla >= 1.8_seamonkey_1.0.8-0.1` `mozilla-32bit >= 9.3-7.6` `mozilla-calendar >= 1.8_seamonkey_1.0.8-0.1` `mozilla-devel >= 1.8_seamonkey_1.0.8-0.1` `mozilla-dom-inspector >= 1.8_seamonkey_1.0.8-0.1` `mozilla-irc >= 1.8_seamonkey_1.0.8-0.1` `mozilla-ko >= 1.72-4.2` `mozilla-mail >= 1.8_seamonkey_1.0.8-0.1` `mozilla-spellchecker >= 1.8_seamonkey_1.0.8-0.1` `mozilla-venkman >= 1.8_seamonkey_1.0.8-0.1` `mozilla-zh-CN >= 1.7-4.2` `mozilla-zh-TW >= 1.7-4.2`
SUSE LINUX Retail Solution 8 SuSE Linux Enterprise Server 8 for AMD64 SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries SuSE Linux Enterprise Server 8 for IBM zSeries SuSE Linux Enterprise Server 8 for IPF SuSE Linux Openexchange Server 4 SuSE Linux School Server for i386 SuSE Linux Standard Server 8 UnitedLinux 1.0	`mozilla >= 1.8_seamonkey_1.0.8-0.3` `mozilla-calendar >= 1.8_seamonkey_1.0.8-0.3` `mozilla-devel >= 1.8_seamonkey_1.0.8-0.3` `mozilla-dom-inspector >= 1.8_seamonkey_1.0.8-0.3` `mozilla-irc >= 1.8_seamonkey_1.0.8-0.3` `mozilla-mail >= 1.8_seamonkey_1.0.8-0.3` `mozilla-spellchecker >= 1.8_seamonkey_1.0.8-0.3` `mozilla-venkman >= 1.8_seamonkey_1.0.8-0.3` `mozilla-xmlterm >= 1.8_seamonkey_1.0.8-0.3`	slrs8.x86 ul1.s390 YOU Patch Nr: 11459

Products

Products By Category

Collaboration

Endpoint Management

File & Networking Services

Services & Support

Help Yourself

Let Us Help

Download

IT Consulting

Technical Training

Customer Center

Contribute

Partners

Partner With Novell

PartnerNet

Find a Partner

Developers

Communities

About Novell

How to Buy