Lucene search

PRIOn knowledge basePRION:CVE-2007-1095

HistoryFeb 26, 2007 - 5:28 p.m.

Code injection

2007-02-2617:28:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.332 Low

EPSS

Percentile

96.9%

JSON

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.

CPENameOperatorVersion
firefoxeq0.1
firefoxeq0.8
firefoxeq1.5 beta2
firefoxeq1.5.2
firefoxeq1.5.0.6
firefoxeq1.8
firefoxeq2.0.0.2
firefoxeq1.5.0.10
firefoxeq1.5.0.3
firefoxeq1.5.0.11

Name	Operator	Version
firefox	eq	0.1
firefox	eq	0.8
firefox	eq	1.5 beta2
firefox	eq	1.5.2
firefox	eq	1.5.0.6
firefox	eq	1.8
firefox	eq	2.0.0.2
firefox	eq	1.5.0.10
firefox	eq	1.5.0.3
firefox	eq	1.5.0.11

Rows per page:

1-10 of 751

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

lcamtuf.coredump.cx/ietrap/ff/

lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html

osvdb.org/33809

secunia.com/advisories/27276

secunia.com/advisories/27298

secunia.com/advisories/27311

secunia.com/advisories/27315

secunia.com/advisories/27325

secunia.com/advisories/27327

secunia.com/advisories/27335

secunia.com/advisories/27336

secunia.com/advisories/27356

secunia.com/advisories/27360

secunia.com/advisories/27383

secunia.com/advisories/27387

secunia.com/advisories/27403

secunia.com/advisories/27414

secunia.com/advisories/27425

secunia.com/advisories/27480

secunia.com/advisories/27665

secunia.com/advisories/27680

secunia.com/advisories/28398

securityreason.com/securityalert/2310

securitytracker.com/id?1018837

sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1

support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html

www.debian.org/security/2007/dsa-1392

www.debian.org/security/2007/dsa-1396

www.debian.org/security/2007/dsa-1401

www.gentoo.org/security/en/glsa/glsa-200711-14.xml

www.mandriva.com/en/security/advisories?name=MDKSA-2007:202

www.mozilla.org/security/announce/2007/mfsa2007-30.html

www.novell.com/linux/security/advisories/2007_57_mozilla.html

www.redhat.com/support/errata/RHSA-2007-0979.html

www.redhat.com/support/errata/RHSA-2007-0980.html

www.redhat.com/support/errata/RHSA-2007-0981.html

www.securityfocus.com/archive/1/461007/100/0/threaded

www.securityfocus.com/archive/1/461023/100/0/threaded

www.securityfocus.com/archive/1/482876/100/200/threaded

www.securityfocus.com/archive/1/482925/100/0/threaded

www.securityfocus.com/archive/1/482932/100/200/threaded

www.securityfocus.com/bid/22688

www.ubuntu.com/usn/usn-536-1

www.vupen.com/english/advisories/2007/3544

www.vupen.com/english/advisories/2007/3587

www.vupen.com/english/advisories/2008/0083

bugzilla.mozilla.org/show_bug.cgi?id=371360

exchange.xforce.ibmcloud.com/vulnerabilities/32647

exchange.xforce.ibmcloud.com/vulnerabilities/32649

issues.rpath.com/browse/RPL-1858

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11665

usn.ubuntu.com/535-1/

www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html

www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html

www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html

6.3 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.332 Low

EPSS

Percentile

96.9%

JSON

Related for PRION:CVE-2007-1095