QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-1092

Back to search

CVE-2007-1092

Published: Feb 26, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window objects.

VendorProductVersions

n/a

n/a

affected
n/a

References

RHSA-2007:0078
vendor-advisory
x_refsource_REDHAT
1017701
vdb-entry
x_refsource_SECTRACK
24395
third-party-advisory
x_refsource_SECUNIA
24384
third-party-advisory
x_refsource_SECUNIA
24457
third-party-advisory
x_refsource_SECUNIA
24343
third-party-advisory
x_refsource_SECUNIA
HPSBUX02153
vendor-advisory
x_refsource_HP
22679
vdb-entry
x_refsource_BID
ie-mozilla-onunload-dos(32647)
vdb-entry
x_refsource_XF
VU#393921
third-party-advisory
x_refsource_CERT-VN
24650
third-party-advisory
x_refsource_SECUNIA
USN-428-1
vendor-advisory
x_refsource_UBUNTU
2302
third-party-advisory
x_refsource_SREASON
SUSE-SA:2007:019
vendor-advisory
x_refsource_SUSE
SUSE-SA:2007:022
vendor-advisory
x_refsource_SUSE
32103
vdb-entry
x_refsource_OSVDB
SSRT061181
vendor-advisory
x_refsource_HP
oval:org.mitre.oval:def:11158
vdb-entry
signature
x_refsource_OVAL
24333
third-party-advisory
x_refsource_SECUNIA
MDKSA-2007:050
vendor-advisory
x_refsource_MANDRIVA
SSA:2007-066-05
vendor-advisory
x_refsource_SLACKWARE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now