Lucene search

RedhatCVE-2007-2867

HistoryJun 01, 2007 - 12:30 a.m.

CVE-2007-2867

2007-06-0100:30:00

CWE-119

redhat

web.nvd.nist.gov

mozilla

firefox

thunderbird

seamonkey

vulnerability

denial of service

nvd

cve-2007-2867

remote attackers

crash

heap corruption

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.969

Percentile

99.7%

JSON

Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointers, heap corruption, signed/unsigned, and other issues.

Affected configurations

Nvd

Node

mozillafirefoxMatch1.5

mozillafirefoxMatch1.5.0.1

mozillafirefoxMatch1.5.0.2

mozillafirefoxMatch1.5.0.3

mozillafirefoxMatch1.5.0.4

mozillafirefoxMatch1.5.0.5

mozillafirefoxMatch1.5.0.6

mozillafirefoxMatch1.5.0.7

mozillafirefoxMatch1.5.0.8

mozillafirefoxMatch1.5.0.9

mozillafirefoxMatch1.5.0.10

mozillafirefoxMatch1.5.0.11

mozillafirefoxMatch1.5.1

mozillafirefoxMatch1.5.2

mozillafirefoxMatch1.5.3

mozillafirefoxMatch1.5.4

mozillafirefoxMatch1.5.5

mozillafirefoxMatch1.5.6

mozillafirefoxMatch1.5.7

mozillafirefoxMatch1.5.8

mozillafirefoxMatch2.0

mozillafirefoxMatch2.0.0.1

mozillafirefoxMatch2.0.0.2

mozillafirefoxMatch2.0.0.3

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.4

mozillaseamonkeyMatch1.0.9

mozillaseamonkeyMatch1.1.2

mozillathunderbirdMatch1.5

mozillathunderbirdMatch1.5.0.1

mozillathunderbirdMatch1.5.0.2

mozillathunderbirdMatch1.5.0.3

mozillathunderbirdMatch1.5.0.4

mozillathunderbirdMatch1.5.0.6

mozillathunderbirdMatch1.5.0.7

mozillathunderbirdMatch1.5.0.8

mozillathunderbirdMatch1.5.0.9

mozillathunderbirdMatch1.5.0.10

mozillathunderbirdMatch1.5.0.11

mozillathunderbirdMatch1.5.1

mozillathunderbirdMatch1.5.2

mozillathunderbirdMatch2.0.0.0

mozillathunderbirdMatch2.0.0.1

mozillathunderbirdMatch2.0.0.2

mozillathunderbirdMatch2.0.0.3

VendorProductVersionCPE
mozillafirefox1.5cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
mozillafirefox1.5.0.1cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
mozillafirefox1.5.0.2cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
mozillafirefox1.5.0.3cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
mozillafirefox1.5.0.4cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
mozillafirefox1.5.0.5cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
mozillafirefox1.5.0.6cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
mozillafirefox1.5.0.7cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
mozillafirefox1.5.0.8cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
mozillafirefox1.5.0.9cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	1.5	cpe:2.3:a:mozilla:firefox:1.5:::::::*
mozilla	firefox	1.5.0.1	cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
mozilla	firefox	1.5.0.2	cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
mozilla	firefox	1.5.0.3	cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
mozilla	firefox	1.5.0.4	cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
mozilla	firefox	1.5.0.5	cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::*
mozilla	firefox	1.5.0.6	cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::*
mozilla	firefox	1.5.0.7	cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::*
mozilla	firefox	1.5.0.8	cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::*
mozilla	firefox	1.5.0.9	cpe:2.3:a:mozilla:firefox:1.5.0.9:::::::*

Rows per page:

1-10 of 451

References

fedoranews.org/cms/node/2747

fedoranews.org/cms/node/2749

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579

osvdb.org/35134

secunia.com/advisories/24406

secunia.com/advisories/24456

secunia.com/advisories/25469

secunia.com/advisories/25476

secunia.com/advisories/25488

secunia.com/advisories/25489

secunia.com/advisories/25490

secunia.com/advisories/25491

secunia.com/advisories/25492

secunia.com/advisories/25496

secunia.com/advisories/25533

secunia.com/advisories/25534

secunia.com/advisories/25559

secunia.com/advisories/25635

secunia.com/advisories/25644

secunia.com/advisories/25647

secunia.com/advisories/25664

secunia.com/advisories/25685

secunia.com/advisories/25750

secunia.com/advisories/25858

secunia.com/advisories/27423

secunia.com/advisories/28363

security.gentoo.org/glsa/glsa-200706-06.xml

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857

sunsolve.sun.com/search/document.do?assetkey=1-26-103136-1

sunsolve.sun.com/search/document.do?assetkey=1-66-201532-1

www.debian.org/security/2007/dsa-1300

www.debian.org/security/2007/dsa-1305

www.debian.org/security/2007/dsa-1306

www.debian.org/security/2007/dsa-1308

www.kb.cert.org/vuls/id/751636

www.mandriva.com/security/advisories?name=MDKSA-2007:119

www.mandriva.com/security/advisories?name=MDKSA-2007:120

www.mandriva.com/security/advisories?name=MDKSA-2007:126

www.mandriva.com/security/advisories?name=MDKSA-2007:131

www.mozilla.org/security/announce/2007/mfsa2007-12.html

www.novell.com/linux/security/advisories/2007_36_mozilla.html

www.redhat.com/support/errata/RHSA-2007-0400.html

www.redhat.com/support/errata/RHSA-2007-0401.html

www.redhat.com/support/errata/RHSA-2007-0402.html

www.securityfocus.com/archive/1/470172/100/200/threaded

www.securityfocus.com/archive/1/471842/100/0/threaded

www.securityfocus.com/bid/24242

www.securitytracker.com/id?1018151

www.securitytracker.com/id?1018153

www.ubuntu.com/usn/usn-468-1

www.ubuntu.com/usn/usn-469-1

www.us-cert.gov/cas/techalerts/TA07-151A.html

www.vupen.com/english/advisories/2007/1994

www.vupen.com/english/advisories/2007/3664

www.vupen.com/english/advisories/2008/0082

exchange.xforce.ibmcloud.com/vulnerabilities/34604

issues.rpath.com/browse/RPL-1424

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10066

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.969

Percentile

99.7%

JSON

Related for CVE-2007-2867