9.3

CVE-2007-1092

Exploit

EPSS 28.54%
Veröffentlicht 26.02.2007 17:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window objects.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 31

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version1.5.0.9

Mozilla ≫ Firefox Version2.0.0.1

Mozilla ≫ Seamonkey Version <= 1.0.7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	28.54%	0.963

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc

ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc

http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html

http://secunia.com/advisories/24333

http://secunia.com/advisories/24343

http://secunia.com/advisories/24384

http://secunia.com/advisories/24395

http://secunia.com/advisories/24457

http://secunia.com/advisories/24650

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131

http://www.mandriva.com/security/advisories?name=MDKSA-2007:050

http://www.novell.com/linux/security/advisories/2007_22_mozilla.html

http://www.redhat.com/support/errata/RHSA-2007-0078.html

http://www.ubuntu.com/usn/usn-428-1

https://issues.rpath.com/browse/RPL-1103

https://exchange.xforce.ibmcloud.com/vulnerabilities/32647

http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0525.html

http://osvdb.org/32103

http://securityreason.com/securityalert/2302

http://www.kb.cert.org/vuls/id/393921

US Government Resource

http://www.mozilla.org/security/announce/2007/mfsa2007-08.html

http://www.securityfocus.com/archive/1/461024/100/0/threaded

http://www.securityfocus.com/bid/22679

Patch

Exploit

http://www.securitytracker.com/id?1017701

https://bugzilla.mozilla.org/show_bug.cgi?id=371321

https://exchange.xforce.ibmcloud.com/vulnerabilities/32648

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11158

https://nvd.nist.gov/vuln/detail/CVE-2007-1092

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-1092

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-1092

EUVD