Lucene search

[email protected]CVE-2007-1095

HistoryFeb 26, 2007 - 5:28 p.m.

CVE-2007-1095

2007-02-2617:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-1095

mozilla firefox

seamonkey

javascript

code execution

dom hierarchy

security vulnerability

6.2 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.448 Medium

EPSS

Percentile

97.4%

JSON

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxeq0.1
mozilla:firefoxmozilla firefoxeq0.8
mozilla:firefoxmozilla firefoxeq1.5
mozilla:firefoxmozilla firefoxeq1.5.2
mozilla:firefoxmozilla firefoxeq1.5.0.6
mozilla:firefoxmozilla firefoxeq1.8
mozilla:firefoxmozilla firefoxeq2.0.0.2
mozilla:firefoxmozilla firefoxeq1.5.0.10
mozilla:firefoxmozilla firefoxeq1.5.0.3
mozilla:firefoxmozilla firefoxeq1.5.0.11

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	eq	0.1
mozilla:firefox	mozilla firefox	eq	0.8
mozilla:firefox	mozilla firefox	eq	1.5
mozilla:firefox	mozilla firefox	eq	1.5.2
mozilla:firefox	mozilla firefox	eq	1.5.0.6
mozilla:firefox	mozilla firefox	eq	1.8
mozilla:firefox	mozilla firefox	eq	2.0.0.2
mozilla:firefox	mozilla firefox	eq	1.5.0.10
mozilla:firefox	mozilla firefox	eq	1.5.0.3
mozilla:firefox	mozilla firefox	eq	1.5.0.11

Rows per page:

1-10 of 711

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

lcamtuf.coredump.cx/ietrap/ff/

lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html

osvdb.org/33809

secunia.com/advisories/27276

secunia.com/advisories/27298

secunia.com/advisories/27311

secunia.com/advisories/27315

secunia.com/advisories/27325

secunia.com/advisories/27327

secunia.com/advisories/27335

secunia.com/advisories/27336

secunia.com/advisories/27356

secunia.com/advisories/27360

secunia.com/advisories/27383

secunia.com/advisories/27387

secunia.com/advisories/27403

secunia.com/advisories/27414

secunia.com/advisories/27425

secunia.com/advisories/27480

secunia.com/advisories/27665

secunia.com/advisories/27680

secunia.com/advisories/28398

securityreason.com/securityalert/2310

securitytracker.com/id?1018837

sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1

support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html

www.debian.org/security/2007/dsa-1392

www.debian.org/security/2007/dsa-1396

www.debian.org/security/2007/dsa-1401

www.gentoo.org/security/en/glsa/glsa-200711-14.xml

www.mandriva.com/en/security/advisories?name=MDKSA-2007:202

www.mozilla.org/security/announce/2007/mfsa2007-30.html

www.novell.com/linux/security/advisories/2007_57_mozilla.html

www.redhat.com/support/errata/RHSA-2007-0979.html

www.redhat.com/support/errata/RHSA-2007-0980.html

www.redhat.com/support/errata/RHSA-2007-0981.html

www.securityfocus.com/archive/1/461007/100/0/threaded

www.securityfocus.com/archive/1/461023/100/0/threaded

www.securityfocus.com/archive/1/482876/100/200/threaded

www.securityfocus.com/archive/1/482925/100/0/threaded

www.securityfocus.com/archive/1/482932/100/200/threaded

www.securityfocus.com/bid/22688

www.ubuntu.com/usn/usn-536-1

www.vupen.com/english/advisories/2007/3544

www.vupen.com/english/advisories/2007/3587

www.vupen.com/english/advisories/2008/0083

bugzilla.mozilla.org/show_bug.cgi?id=371360

exchange.xforce.ibmcloud.com/vulnerabilities/32647

exchange.xforce.ibmcloud.com/vulnerabilities/32649

issues.rpath.com/browse/RPL-1858

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11665

usn.ubuntu.com/535-1/

www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html

www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html

www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html

6.2 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.448 Medium

EPSS

Percentile

97.4%

JSON

Related for CVE-2007-1095

openvas30 mozilla1 veracode1 prion1 ubuntucve1 securityvulns3 nessus32 freebsd1 gentoo1 fedora4 oraclelinux3 osv3 ubuntu2 centos4 debian3 redhat3 suse1