You are here: Known Vulnerabilities in Mozilla Products (Firefox > MFSA 2007-08

Mozilla Foundation Security Advisory 2007-08

Title: onUnload + document.write() memory corruption
Impact: Critical
Announced: February 25, 2007
Reporter: Michal Zalewski
Products: Firefox, SeaMonkey

Fixed in: Firefox
  SeaMonkey 1.0.8


Michal Zalewski reported a memory corruption vulnerability in Firefox involving mixing the onUnload event handler and self-modifying document.write() calls. This flaw was introduced in Firefox and and does not affect earlier versions; it is fixed in Firefox and


Disable JavaScript until a fixed version can be installed.