exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2007-1095

Status Candidate

Overview

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.

Related Files

Gentoo Linux Security Advisory 200711-14
Posted Nov 13, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-14 - Multiple vulnerabilities have been reported in Mozilla Firefox and SeaMonkey. Various errors in the browser engine and the Javascript engine can be exploited to cause a memory corruption. Before being used in a request, input passed to the user ID when making an HTTP request with digest authentication is not properly sanitized. The titlebar can be hidden by a XUL markup language document. Additionally, an error exists in the handling of smb: and sftp: URI schemes on systems with gnome-vfs support. An unspecified error in the handling of XPCNativeWrappers and not properly implementing JavaScript onUnload() handlers may allow the execution of arbitrary Javascript code. Another error is triggered by using the addMicrosummaryGenerator sidebar method to access file: URIs. Versions less than 2.0.0.9 are affected.

tags | advisory, web, arbitrary, javascript, vulnerability
systems | linux, gentoo
advisories | CVE-2007-1095, CVE-2007-2292, CVE-2007-5334, CVE-2007-5335, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340
SHA-256 | 9406d653f481b768d289697671963843abc5749121b2f6c0fbe1ff5ea8d7b3e1
Debian Linux Security Advisory 1401-1
Posted Nov 6, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1401-1 - Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340
SHA-256 | 9bc7902a3a9d13707c50680a45511ae88d83140ad502a37acbb6b1f0fad70d4a
Debian Linux Security Advisory 1396-1
Posted Oct 29, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1396-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340
SHA-256 | 8fe44bb7245d98b16367831bc25a2cdbd53ab91d169bf07f76151139fb5dac32
Ubuntu Security Notice 536-1
Posted Oct 24, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 536-1 - A massive slew of vulnerabilities that relate to mozilla-thunderbird have been patched. It would be wise to upgrade now.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340
SHA-256 | 5d868ca3cbf8195030fcde8ba5b7c3d30109913f90eb6ea9b8d3da2f0f586fd5
Mandriva Linux Security Advisory 2007.202
Posted Oct 23, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.8.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-4841, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340
SHA-256 | 2135e6c07c0d7978822688d56feada1ec50ecedb20b2a667e7732def2eeac94d
Ubuntu Security Notice 535-1
Posted Oct 23, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 535-1 - A large amount of flaws related to Firefox have been fixed under Ubuntu. These include forced upload and javascript insertion vulnerabilities.

tags | advisory, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5335, CVE-2007-5336, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340
SHA-256 | e937e8ad5d0b409d665ed543ec76877c5a6c7850fb23798031b11ce6ee1da4ed
Debian Linux Security Advisory 1392-1
Posted Oct 23, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1392-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340
SHA-256 | 07283a47e9583c7edb535f3b607f378ec46027553dd159a84808cd043699ff16
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close