Lucene search
HistoryApr 22, 2007 - 7:19 p.m.
CVE-2007-2162
mozilla
firefox
iceweasel
dos
javascript
cve-2007-2162
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.6 Medium
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
79.9%
(1) Mozilla Firefox 2.0.0.3 and (2) GNU IceWeasel 2.0.0.3 allow remote attackers to cause a denial of service (browser crash or system hang) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/.
Affected configurations
Node
gnuiceweaselMatch2.0.0.3
ORmozillafirefoxMatch2.0.0.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| gnu:iceweasel | gnu iceweasel | eq | 2.0.0.3 |
| mozilla:firefox | mozilla firefox | eq | 2.0.0.3 |
Related
ubuntucve
ubuntucve
CVE-2007-2162
2007-04-22 00:00:00
prion
prion
Design/Logic Flaw
2007-04-22 19:19:00
cvelist
cvelist
CVE-2007-2162
2007-04-22 19:00:00
nvd
nvd
CVE-2007-2162
2007-04-22 19:19:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.6 Medium
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
79.9%
Related for CVE-2007-2162