CVE-2007-1562
Summary
| CVE | CVE-2007-1562 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-03-21 19:19:00 UTC |
| Updated | 2026-04-23 00:35:47 UTC |
| Description | The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
MediumAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:M/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| rhn.redhat.com | Red Hat Support | af854a3a-2127-422b-91ae-364da2661108 | www.redhat.com | Third Party Advisory |
| rPath update for firefox and thunderbird - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Third Party Advisory |
| SecurityFocus | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Third Party Advisory, VDB Entry |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | Third Party Advisory, VDB Entry |
| Mozilla FireFox FTP PASV Port-Scanning Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | Third Party Advisory |
| Bug 370559 – security problem handling responses to FTP PASV command | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.mozilla.org | Issue Tracking, Vendor Advisory |
| Security Announcement | af854a3a-2127-422b-91ae-364da2661108 | www.novell.com | Broken Link |
| SUSE updates for Mozilla Products - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Third Party Advisory |
| HPSBUX02153 SSRT061181 rev.7 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS) - c00771742 - HP Business Support Center | af854a3a-2127-422b-91ae-364da2661108 | h20000.www2.hp.com | Broken Link |
| USN-443-1: Firefox vulnerability | Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | Third Party Advisory |
| Mozilla Firefox FTP PASV Implementation Permits Port Scanning - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Support | af854a3a-2127-422b-91ae-364da2661108 | www.redhat.com | Third Party Advisory |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | Third Party Advisory |
| issues.rpath.com/browse/RPL-1157 | af854a3a-2127-422b-91ae-364da2661108 | issues.rpath.com | Broken Link |
| Red Hat update for firefox - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Third Party Advisory |
| Page not found - CVE.report | af854a3a-2127-422b-91ae-364da2661108 | bindshell.net | Broken Link |
| oss-security - [SECURITY ADVISORY] curl: trusting FTP PASV responses | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | |
| MFSA 2007-11: FTP PASV port-scanning | af854a3a-2127-422b-91ae-364da2661108 | www.mozilla.org | Vendor Advisory |
| issues.rpath.com/browse/RPL-1424 | af854a3a-2127-422b-91ae-364da2661108 | issues.rpath.com | Broken Link |
| SecurityFocus | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 296067 Oracle Solaris 11.4 Support Repository Update (SRU) 33.94.0 Missing (CPUAPR2021)