Vulnerability CVE-2007-1095

Vulnerability CVE-2007-1095

Published: 2007-02-26 Modified: 2012-02-12

Description:

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.

See advisories in our WLB2 database:

	Topic	Author	Date
Low	MSIE7 browser entrapment vulnerability (probably Firefox, too)	Michal Zalewski	02.03.2007

Type:

CWE-Other

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.8/10	6.4/10	8.6/10

Exploit range	Attack complexity	Authentication
Remote	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
Mozilla -> Firefox
Mozilla -> Seamonkey

References:

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

http://lcamtuf.coredump.cx/ietrap/ff/

http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html

http://securityreason.com/securityalert/2310

http://securitytracker.com/id?1018837

http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1

http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html

http://www.debian.org/security/2007/dsa-1392

http://www.debian.org/security/2007/dsa-1396

http://www.debian.org/security/2007/dsa-1401

http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml

http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202

http://www.mozilla.org/security/announce/2007/mfsa2007-30.html

http://www.novell.com/linux/security/advisories/2007_57_mozilla.html

http://www.redhat.com/support/errata/RHSA-2007-0979.html

http://www.redhat.com/support/errata/RHSA-2007-0980.html

http://www.redhat.com/support/errata/RHSA-2007-0981.html

http://www.securityfocus.com/archive/1/461007/100/0/threaded

http://www.securityfocus.com/archive/1/461023/100/0/threaded

http://www.securityfocus.com/archive/1/482876/100/200/threaded

http://www.securityfocus.com/archive/1/482925/100/0/threaded

http://www.securityfocus.com/archive/1/482932/100/200/threaded

http://www.securityfocus.com/bid/22688

http://www.ubuntu.com/usn/usn-536-1

http://www.vupen.com/english/advisories/2007/3544

http://www.vupen.com/english/advisories/2007/3587

http://www.vupen.com/english/advisories/2008/0083

https://bugzilla.mozilla.org/show_bug.cgi?id=371360

https://exchange.xforce.ibmcloud.com/vulnerabilities/32647

https://exchange.xforce.ibmcloud.com/vulnerabilities/32649

https://issues.rpath.com/browse/RPL-1858

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11665

https://usn.ubuntu.com/535-1/

https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html

Vulnerability CVE-2007-1095

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.

See advisories in our WLB2 database:

Low

MSIE7 browser entrapment vulnerability (probably Firefox, too)

CWE-Other

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

6.8/10

6.4/10

8.6/10

Remote

Medium

No required

Partial

Partial

Partial

Affected software

References: