6.8

CVE-2007-1095

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox Version <= 2.0.0.7
MozillaFirefox Version0.1
MozillaFirefox Version0.2
MozillaFirefox Version0.3
MozillaFirefox Version0.4
MozillaFirefox Version0.5
MozillaFirefox Version0.6
MozillaFirefox Version0.6.1
MozillaFirefox Version0.7
MozillaFirefox Version0.7.1
MozillaFirefox Version0.8
MozillaFirefox Version0.9
MozillaFirefox Version0.9 Updaterc
MozillaFirefox Version0.9.1
MozillaFirefox Version0.9.2
MozillaFirefox Version0.9.3
MozillaFirefox Version0.10
MozillaFirefox Version0.10.1
MozillaFirefox Version1.0
MozillaFirefox Version1.0 Updatepreview_release
MozillaFirefox Version1.0.1
MozillaFirefox Version1.0.2
MozillaFirefox Version1.0.3
MozillaFirefox Version1.0.4
MozillaFirefox Version1.0.5
MozillaFirefox Version1.0.6
MozillaFirefox Version1.0.7
MozillaFirefox Version1.0.8
MozillaFirefox Version1.4.1
MozillaFirefox Version1.5
MozillaFirefox Version1.5 Updatebeta1
MozillaFirefox Version1.5 Updatebeta2
MozillaFirefox Version1.5.0.1
MozillaFirefox Version1.5.0.2
MozillaFirefox Version1.5.0.3
MozillaFirefox Version1.5.0.4
MozillaFirefox Version1.5.0.5
MozillaFirefox Version1.5.0.6
MozillaFirefox Version1.5.0.7
MozillaFirefox Version1.5.0.8
MozillaFirefox Version1.5.0.9
MozillaFirefox Version1.5.0.10
MozillaFirefox Version1.5.0.11
MozillaFirefox Version1.5.0.12
MozillaFirefox Version1.5.1
MozillaFirefox Version1.5.2
MozillaFirefox Version1.5.3
MozillaFirefox Version1.5.4
MozillaFirefox Version1.5.5
MozillaFirefox Version1.5.6
MozillaFirefox Version1.5.7
MozillaFirefox Version1.5.8
MozillaFirefox Version1.8
MozillaFirefox Version2.0
MozillaFirefox Version2.0.0.1
MozillaFirefox Version2.0.0.2
MozillaFirefox Version2.0.0.3
MozillaFirefox Version2.0.0.4
MozillaFirefox Version2.0.0.5
MozillaFirefox Version2.0.0.6
MozillaSeamonkey Version <= 1.1.4
MozillaSeamonkey Version1.0
MozillaSeamonkey Version1.0.1
MozillaSeamonkey Version1.0.2
MozillaSeamonkey Version1.0.3
MozillaSeamonkey Version1.0.4
MozillaSeamonkey Version1.0.5
MozillaSeamonkey Version1.0.6
MozillaSeamonkey Version1.0.7
MozillaSeamonkey Version1.0.8
MozillaSeamonkey Version1.0.9
MozillaSeamonkey Version1.1
MozillaSeamonkey Version1.1.1
MozillaSeamonkey Version1.1.2
MozillaSeamonkey Version1.1.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.19% 0.801
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.vupen.com/english/advisories/2008/0083
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://secunia.com/advisories/27298
Vendor Advisory
http://secunia.com/advisories/27335
Vendor Advisory
http://secunia.com/advisories/27383
Vendor Advisory
http://secunia.com/advisories/27387
Vendor Advisory
http://secunia.com/advisories/27403
Vendor Advisory
http://secunia.com/advisories/27414
Vendor Advisory
http://securitytracker.com/id?1018837
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html
http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202
http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
http://www.securityfocus.com/archive/1/482876/100/200/threaded
http://www.securityfocus.com/archive/1/482925/100/0/threaded
http://www.securityfocus.com/archive/1/482932/100/200/threaded
http://www.ubuntu.com/usn/usn-536-1
http://www.vupen.com/english/advisories/2007/3544
https://issues.rpath.com/browse/RPL-1858
https://usn.ubuntu.com/535-1/
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html
http://www.securityfocus.com/archive/1/461023/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/32647
https://exchange.xforce.ibmcloud.com/vulnerabilities/32649
http://lcamtuf.coredump.cx/ietrap/ff/
http://osvdb.org/33809
http://secunia.com/advisories/27276
Vendor Advisory
http://secunia.com/advisories/27311
Vendor Advisory
http://secunia.com/advisories/27315
Vendor Advisory
http://secunia.com/advisories/27325
Vendor Advisory
http://secunia.com/advisories/27327
Vendor Advisory
http://secunia.com/advisories/27336
Vendor Advisory
http://secunia.com/advisories/27356
Vendor Advisory
http://secunia.com/advisories/27360
Vendor Advisory
http://secunia.com/advisories/27425
Vendor Advisory
http://secunia.com/advisories/27480
Vendor Advisory
http://secunia.com/advisories/27665
Vendor Advisory
http://secunia.com/advisories/27680
Vendor Advisory
http://secunia.com/advisories/28398
Vendor Advisory
http://securityreason.com/securityalert/2310
http://www.debian.org/security/2007/dsa-1392
http://www.debian.org/security/2007/dsa-1396
http://www.debian.org/security/2007/dsa-1401
http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml
http://www.mozilla.org/security/announce/2007/mfsa2007-30.html
http://www.redhat.com/support/errata/RHSA-2007-0979.html
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0980.html
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0981.html
Vendor Advisory
http://www.securityfocus.com/archive/1/461007/100/0/threaded
http://www.securityfocus.com/bid/22688
http://www.vupen.com/english/advisories/2007/3587
https://bugzilla.mozilla.org/show_bug.cgi?id=371360
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11665
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html