VYPR
Unrated severityNVD Advisory· Published Feb 26, 2007· Updated Jun 16, 2026

CVE-2007-1092

CVE-2007-1092

Description

Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window objects.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
    • (no CPE)range: = 1.5.0.9, = 2.0.0.1
  • cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*range: <=1.0.7
    • (no CPE)range: <1.0.8

Patches

Vulnerability mechanics

References

28

News mentions

0

No linked articles in our index yet.