NVD

Id
53303  
Name
CVE-2007-1095  
Description
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2007-02-26  
Modified Date
2011-09-20  
Seq
2007-1095  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
269886 53303 CVE-2007-1095 HPSBUX02153  View
269887 53303 CVE-2007-1095 http://lcamtuf.coredump.cx/ietrap/ff/  View
269888 53303 CVE-2007-1095 20070223 MSIE7 browser entrapment vulnerability (probably Firefox, too)  View
269889 53303 CVE-2007-1095 oval:org.mitre.oval:def:11665  View
269890 53303 CVE-2007-1095 2310  View
269891 53303 CVE-2007-1095 1018837  View
269892 53303 CVE-2007-1095 201516  View
269893 53303 CVE-2007-1095 http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html  View
269894 53303 CVE-2007-1095 DSA-1392  View
269895 53303 CVE-2007-1095 DSA-1396  View
269896 53303 CVE-2007-1095 DSA-1401  View
269897 53303 CVE-2007-1095 GLSA-200711-14  View
269898 53303 CVE-2007-1095 MDKSA-2007:202  View
269899 53303 CVE-2007-1095 http://www.mozilla.org/security/announce/2007/mfsa2007-30.html  View
269900 53303 CVE-2007-1095 SUSE-SA:2007:057  View
269901 53303 CVE-2007-1095 RHSA-2007:0979  View
269902 53303 CVE-2007-1095 RHSA-2007:0980  View
269903 53303 CVE-2007-1095 RHSA-2007:0981  View
269904 53303 CVE-2007-1095 20070223 Firefox: onUnload tailgating (MSIE7 entrapment bug variant)  View
269905 53303 CVE-2007-1095 20070223 MSIE7 browser entrapment vulnerability (probably Firefox, too)  View
269906 53303 CVE-2007-1095 20071026 rPSA-2007-0225-1 firefox  View
269907 53303 CVE-2007-1095 20071029 FLEA-2007-0062-1 firefox  View
269908 53303 CVE-2007-1095 20071029 rPSA-2007-0225-2 firefox thunderbird  View
269909 53303 CVE-2007-1095 22688  View
269910 53303 CVE-2007-1095 USN-536-1  View
269911 53303 CVE-2007-1095 USN-535-1  View
269912 53303 CVE-2007-1095 ADV-2007-3544  View
269913 53303 CVE-2007-1095 ADV-2007-3587  View
269914 53303 CVE-2007-1095 ADV-2008-0083  View
269915 53303 CVE-2007-1095 ie-mozilla-onunload-dos(32647)  View
269916 53303 CVE-2007-1095 ie-mozilla-onunload-url-spoofing(32649)  View
269917 53303 CVE-2007-1095 https://bugzilla.mozilla.org/show_bug.cgi?id=371360  View
269918 53303 CVE-2007-1095 https://issues.rpath.com/browse/RPL-1858  View
269919 53303 CVE-2007-1095 FEDORA-2007-3431  View
269920 53303 CVE-2007-1095 FEDORA-2007-2601  View
269921 53303 CVE-2007-1095 FEDORA-2007-2664  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
52194 JVNDB-2007-000884 Mozilla Firefox/SeaMonkey の JavaScript onUnload ハンドラにおける情報漏えいの脆弱性 Mozilla Firefox および SeaMonkey には、JavaScript onUnload ハンドラの実装に不備があり、不正な Web ページを参照した場合、ユーザが次に移動した Web ページの情報が奪取される問題が存在します。 CVE-2007-1095 24450 CVE-2007-1095 53303 6.8 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000884.html 2007-10-18 2008-01-23 View