Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11665
https://issues.rpath.com/browse/RPL-1858
https://exchange.xforce.ibmcloud.com/vulnerabilities/32649
https://exchange.xforce.ibmcloud.com/vulnerabilities/32647
https://bugzilla.mozilla.org/show_bug.cgi?id=371360
http://www.vupen.com/english/advisories/2008/0083
http://www.vupen.com/english/advisories/2007/3587
http://www.vupen.com/english/advisories/2007/3544
http://www.ubuntu.com/usn/usn-536-1
http://www.securityfocus.com/bid/22688
http://www.securityfocus.com/archive/1/482932/100/200/threaded
http://www.securityfocus.com/archive/1/482925/100/0/threaded
http://www.securityfocus.com/archive/1/482876/100/200/threaded
http://www.securityfocus.com/archive/1/461023/100/0/threaded
http://www.securityfocus.com/archive/1/461007/100/0/threaded
http://www.redhat.com/support/errata/RHSA-2007-0981.html
http://www.redhat.com/support/errata/RHSA-2007-0980.html
http://www.redhat.com/support/errata/RHSA-2007-0979.html
http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
http://www.mozilla.org/security/announce/2007/mfsa2007-30.html
http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202
http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml
http://www.debian.org/security/2007/dsa-1401
http://www.debian.org/security/2007/dsa-1396
http://www.debian.org/security/2007/dsa-1392
http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
http://securitytracker.com/id?1018837
http://securityreason.com/securityalert/2310
http://secunia.com/advisories/28398
http://secunia.com/advisories/27680
http://secunia.com/advisories/27665
http://secunia.com/advisories/27480
http://secunia.com/advisories/27425
http://secunia.com/advisories/27414
http://secunia.com/advisories/27403
http://secunia.com/advisories/27387
http://secunia.com/advisories/27383
http://secunia.com/advisories/27360
http://secunia.com/advisories/27356
http://secunia.com/advisories/27336
http://secunia.com/advisories/27335
http://secunia.com/advisories/27327
http://secunia.com/advisories/27325
http://secunia.com/advisories/27315
http://secunia.com/advisories/27311
http://secunia.com/advisories/27298
http://secunia.com/advisories/27276
http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html
http://lcamtuf.coredump.cx/ietrap/ff/
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742