Vulnerability Details : CVE-2007-0801
Potential exploit
The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files with predictable filenames based on creation time, which allows remote attackers to execute arbitrary web script or HTML via a crafted XMLHttpRequest.
Products affected by CVE-2007-0801
- cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-0801
0.63%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 69 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-0801
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
8.6
|
2.9
|
NIST |
References for CVE-2007-0801
-
http://www.securityfocus.com/bid/22396
Exploit;Vendor Advisory
-
http://www.osvdb.org/32108
404 Not Found
-
http://www.securityfocus.com/archive/1/459163/100/0/threaded
-
http://security.gentoo.org/glsa/glsa-200703-04.xml
Mozilla Firefox: Multiple vulnerabilities (GLSA 200703-04) — Gentoo security
-
http://secunia.com/advisories/24393
About Secunia Research | Flexera
-
http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml
SeaMonkey: Multiple vulnerabilities (GLSA 200703-08) — Gentoo security
-
http://secunia.com/advisories/24437
About Secunia Research | Flexera
-
http://www.securityfocus.com/archive/1/459162/100/0/threaded
Jump to