Unrated severityNVD Advisory· Published Feb 26, 2007· Updated Jun 16, 2026
CVE-2007-1095
CVE-2007-1095
Description
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
77cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 60 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=2.0.0.7
- cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
- (no CPE)range: <2.0.0.8
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*range: <=1.1.4
- cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
- (no CPE)range: <1.1.5
Patches
Vulnerability mechanics
References
56- secunia.com/advisories/27276nvdVendor Advisory
- secunia.com/advisories/27298nvdVendor Advisory
- secunia.com/advisories/27311nvdVendor Advisory
- secunia.com/advisories/27315nvdVendor Advisory
- secunia.com/advisories/27325nvdVendor Advisory
- secunia.com/advisories/27327nvdVendor Advisory
- secunia.com/advisories/27335nvdVendor Advisory
- secunia.com/advisories/27336nvdVendor Advisory
- secunia.com/advisories/27356nvdVendor Advisory
- secunia.com/advisories/27360nvdVendor Advisory
- secunia.com/advisories/27383nvdVendor Advisory
- secunia.com/advisories/27387nvdVendor Advisory
- secunia.com/advisories/27403nvdVendor Advisory
- secunia.com/advisories/27414nvdVendor Advisory
- secunia.com/advisories/27425nvdVendor Advisory
- secunia.com/advisories/27480nvdVendor Advisory
- secunia.com/advisories/27665nvdVendor Advisory
- secunia.com/advisories/27680nvdVendor Advisory
- secunia.com/advisories/28398nvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2007-0979.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2007-0980.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2007-0981.htmlnvdVendor Advisory
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvd
- lcamtuf.coredump.cx/ietrap/ff/nvd
- lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.htmlnvd
- osvdb.org/33809nvd
- securityreason.com/securityalert/2310nvd
- securitytracker.com/idnvd
- sunsolve.sun.com/search/document.donvd
- support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.htmlnvd
- www.debian.org/security/2007/dsa-1392nvd
- www.debian.org/security/2007/dsa-1396nvd
- www.debian.org/security/2007/dsa-1401nvd
- www.gentoo.org/security/en/glsa/glsa-200711-14.xmlnvd
- www.mandriva.com/en/security/advisoriesnvd
- www.mozilla.org/security/announce/2007/mfsa2007-30.htmlnvd
- www.novell.com/linux/security/advisories/2007_57_mozilla.htmlnvd
- www.securityfocus.com/archive/1/461007/100/0/threadednvd
- www.securityfocus.com/archive/1/461023/100/0/threadednvd
- www.securityfocus.com/archive/1/482876/100/200/threadednvd
- www.securityfocus.com/archive/1/482925/100/0/threadednvd
- www.securityfocus.com/archive/1/482932/100/200/threadednvd
- www.securityfocus.com/bid/22688nvd
- www.ubuntu.com/usn/usn-536-1nvd
- www.vupen.com/english/advisories/2007/3544nvd
- www.vupen.com/english/advisories/2007/3587nvd
- www.vupen.com/english/advisories/2008/0083nvd
- bugzilla.mozilla.org/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/32647nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/32649nvd
- issues.rpath.com/browse/RPL-1858nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11665nvd
- usn.ubuntu.com/535-1/nvd
- www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.htmlnvd
News mentions
0No linked articles in our index yet.