CVE-2007-0995

Impact:
Moderate
Public Date:
2007-02-23

The MITRE CVE dictionary describes this issue as:

Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.

Find out more about CVE-2007-0995 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux Desktop version 5 (thunderbird) RHSA-2007:0108 2007-03-14
Red Hat Enterprise Linux version 4 RHSA-2007:0077 2007-02-24
Red Hat Enterprise Linux version 4 (thunderbird) RHSA-2007:0078 2007-03-02
Red Hat Enterprise Linux version 4 (firefox) RHSA-2007:0079 2007-02-23
Red Hat Enterprise Linux version 2.1 (seamonkey) RHSA-2007:0077 2007-02-24
Red Hat Enterprise Linux version 5 (firefox) RHSA-2007:0097 2007-03-14
Red Hat Enterprise Linux version 3 (seamonkey) RHSA-2007:0077 2007-02-24

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 5 devhelp 0.12-10.0.1.el5 Fixed
Red Hat Enterprise Linux version 5 yelp 2.16.0-14.0.1.el5 Fixed
Red Hat Enterprise Linux version 4 devhelp 0.10-0.7.el4 Fixed
Red Hat Enterprise Linux version 4 seamonkey 1.0.8-0.2.el4 Fixed