JVN/CVE Demo: Nvdinfos

NVD

Id: 55883
Name: CVE-2007-3736
Description: Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site"s context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed.
Reject
CVSS Version: 2
CVSS Score: 4.3
Severity: Medium
CVSS Base Score: 4.3
CVSS Impact Subscore: 2.9
CVSS Exploit Subscore: 8.6
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Pub Date: 2017-01-07
Published: 2007-07-18
Modified Date: 2011-03-07
Seq: 2007-3736

Actions

Related NVD References

Id	NVD Id	NVD No.	Reference	Actions
284156	55883	CVE-2007-3736	ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt	View
284157	55883	CVE-2007-3736	20070701-01-P	View
284158	55883	CVE-2007-3736	SSRT061181	View
284159	55883	CVE-2007-3736	oval:org.mitre.oval:def:11749	View
284160	55883	CVE-2007-3736	103177	View
284161	55883	CVE-2007-3736	201516	View
284162	55883	CVE-2007-3736	http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html	View
284163	55883	CVE-2007-3736	DSA-1337	View
284164	55883	CVE-2007-3736	DSA-1338	View
284165	55883	CVE-2007-3736	DSA-1339	View
284166	55883	CVE-2007-3736	GLSA-200708-09	View
284167	55883	CVE-2007-3736	MDKSA-2007:152	View
284168	55883	CVE-2007-3736	http://www.mozilla.org/security/announce/2007/mfsa2007-19.html	View
284169	55883	CVE-2007-3736	SUSE-SA:2007:049	View
284170	55883	CVE-2007-3736	RHSA-2007:0722	View
284171	55883	CVE-2007-3736	RHSA-2007:0723	View
284172	55883	CVE-2007-3736	RHSA-2007:0724	View
284173	55883	CVE-2007-3736	20070720 rPSA-2007-0148-1 firefox thunderbird	View
284174	55883	CVE-2007-3736	20070724 FLEA-2007-0033-1: firefox thunderbird	View
284175	55883	CVE-2007-3736	24946	View
284176	55883	CVE-2007-3736	1018410	View
284177	55883	CVE-2007-3736	USN-490-1	View
284178	55883	CVE-2007-3736	ADV-2007-2564	View
284179	55883	CVE-2007-3736	ADV-2007-4256	View
284180	55883	CVE-2007-3736	mozilla-addeventlistener-settimeout-xss(35462)	View

Related JVN

Id	Name	Title	Summary	Cveinfo Name	Cveinfo Id	Nvdinfo Name	Nvdinfo Id	Cvssv2	Cvssv3	Jvnurl	Published Date	Last Updated Date	Actions
51877	JVNDB-2007-000540	Mozilla Firefox の addEventListener/setTimeout メソッドにおけるクロスサイトスクリプティングの脆弱性	Mozilla Firefox において、addEventListener() メソッドおよび setTimeout() メソッドを利用することで、ブラウザの同一生成元ポリシーに反して他のサイトにスクリプトを挿入できるクロスサイトスクリプティングの脆弱性が存在します。	CVE-2007-3736	27091	CVE-2007-3736	55883	4.3		http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000540.html	2007-07-17	2008-01-11	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.31 MB
View render complete	14.33 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.19
Event: Controller.initialize	0.03
Event: Controller.startup	0.06
Controller action	335.08
Event: Controller.beforeRender	4.14
» Processing toolbar data	4.05
Rendering View	519.29
» Event: View.beforeRender	0.02
» Rendering APP/View/Nvdinfos/view.ctp	504.62
» Event: View.afterRender	0.03
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	10.04
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	2.97
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/nvdinfos/view/55883
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/nvdinfos/view/55883
Remote Port	32857
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.104
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.95.84
Http Via	1.1 squid-proxy-5b5d847c96-t9wdc (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=oj2ffgtnj65ref4dr5sqle7a33
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.104
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.104
Unique Id	aEUA0SliQfS0NDirsoELgwAAAQk
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.104
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.104
Redirect Unique Id	aEUA0SliQfS0NDirsoELgwAAAQk
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.104
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.104
Redirect Redirect Unique Id	aEUA0SliQfS0NDirsoELgwAAAQk
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1749352657.5658
Request Time	1749352657

NVD

Actions

Related NVD References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files