FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-1092

This CVE name corresponds to:

Entered Topic
2007-02-24 mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-1092 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-1092
Phase Assigned(20070226)

Description

Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window objects.

References

Source Reference
BUGTRAQ 20070223 Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr)
FULLDISC 20070222 Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr)
CONFIRM http://www.mozilla.org/security/announce/2007/mfsa2007-08.html
CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=371321
CONFIRM https://issues.rpath.com/browse/RPL-1103
HP HPSBUX02153
HP SSRT061181
MANDRIVA MDKSA-2007:050
REDHAT RHSA-2007:0078
SGI 20070301-01-P
SGI 20070202-01-P
SLACKWARE SSA:2007-066-05
SUSE SUSE-SA:2007:019
SUSE SUSE-SA:2007:022
UBUNTU USN-428-1
CERT-VN VU#393921
BID 22679
OSVDB 32103
OVAL oval:org.mitre.oval:def:11158
SECTRACK 1017701
SECUNIA 24333
SECUNIA 24343
SECUNIA 24395
SECUNIA 24384
SECUNIA 24650
SECUNIA 24457
SREASON 2302
XF mozilla-onunload-code-execution(32648)
XF ie-mozilla-onunload-dos(32647)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.