CVE-2007-1092

{"id": "CVE-2007-1092", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-02-26T17:28:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc", "source": "cve@mitre.org"}, {"url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc", "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0525.html", "source": "cve@mitre.org"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742", "source": "cve@mitre.org"}, {"url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/32103", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24333", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24343", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24384", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24395", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24457", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24650", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/2302", "source": "cve@mitre.org"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131", "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/393921", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050", "source": "cve@mitre.org"}, {"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-08.html", "source": "cve@mitre.org"}, {"url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/461024/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/22679", "tags": ["Exploit", "Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1017701", "source": "cve@mitre.org"}, {"url": "http://www.ubuntu.com/usn/usn-428-1", "source": "cve@mitre.org"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=371321", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32647", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32648", "source": "cve@mitre.org"}, {"url": "https://issues.rpath.com/browse/RPL-1103", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11158", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window objects."}, {"lang": "es", "value": "Mozilla Firefox 1.5.0.9 y 2.0.0.1, y SeaMonkey versiones anteriores a 1.0.8 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante gestores Javascript onUnload que modifican la estructura de un documento, lo cual dispara corrupci\u00f3n de memoria debido una deficiencia de un enganche (hook) finalize en objetos DOM tipo window."}], "lastModified": "2018-10-16T16:36:37.437", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A524A94E-F19B-42B9-AA8E-171751C339AA"}, {"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3D956DC-C73B-439F-8D79-8239207CC76F"}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0679D9AD-ECEA-4C75-BFED-822F00A49628", "versionEndIncluding": "1.0.7"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}