CVE-2007-1092 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-1092
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-1092

Description: Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window objects.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/32648 http://xforce.iss.net/xforce/xfdb/32647 UBUNTU http://www.ubuntu.com/usn/usn-428-1 SUSE http://www.novell.com/linux/security/advisories/2007_22_mozilla.html http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html ST 1017701 SREASON http://securityreason.com/securityalert/2302 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131 SGI SAID Secunia Advisory: SA24395 Secunia Advisory: SA24384 Secunia Advisory: SA24343 Secunia Advisory: SA24333 Secunia Advisory: SA24650 Secunia Advisory: SA24457 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0078.html OSVDB 32103 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:050 HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0525.html CONFIRM http://www.mozilla.org/security/announce/2007/mfsa2007-08.html CERT-VN 393921 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/461024/100/0/threaded BID 22679

Return to the previous page.