Lucene search

RedhatCVELIST:CVE-2007-0009

HistoryFeb 26, 2007 - 8:00 p.m.

CVE-2007-0009

2007-02-2620:00:00

redhat

www.cve.org

AI Score

7.8

Confidence

Low

EPSS

0.965

Percentile

99.6%

JSON

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid “Client Master Key” length values.

References

ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc

ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc

fedoranews.org/cms/node/2709

fedoranews.org/cms/node/2711

fedoranews.org/cms/node/2747

fedoranews.org/cms/node/2749

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

labs.idefense.com/intelligence/vulnerabilities/display.php?id=483

lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html

rhn.redhat.com/errata/RHSA-2007-0077.html

secunia.com/advisories/24253

secunia.com/advisories/24277

secunia.com/advisories/24287

secunia.com/advisories/24290

secunia.com/advisories/24293

secunia.com/advisories/24333

secunia.com/advisories/24342

secunia.com/advisories/24343

secunia.com/advisories/24384

secunia.com/advisories/24389

secunia.com/advisories/24395

secunia.com/advisories/24406

secunia.com/advisories/24410

secunia.com/advisories/24455

secunia.com/advisories/24456

secunia.com/advisories/24457

secunia.com/advisories/24522

secunia.com/advisories/24562

secunia.com/advisories/24650

secunia.com/advisories/24703

secunia.com/advisories/25588

secunia.com/advisories/25597

security.gentoo.org/glsa/glsa-200703-18.xml

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851

sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1

sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1

www.debian.org/security/2007/dsa-1336

www.gentoo.org/security/en/glsa/glsa-200703-22.xml

www.kb.cert.org/vuls/id/592796

www.mandriva.com/security/advisories?name=MDKSA-2007:050

www.mandriva.com/security/advisories?name=MDKSA-2007:052

www.mozilla.org/security/announce/2007/mfsa2007-06.html

www.novell.com/linux/security/advisories/2007_22_mozilla.html

www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

www.osvdb.org/32106

www.redhat.com/support/errata/RHSA-2007-0078.html

www.redhat.com/support/errata/RHSA-2007-0079.html

www.redhat.com/support/errata/RHSA-2007-0097.html

www.redhat.com/support/errata/RHSA-2007-0108.html

www.securityfocus.com/archive/1/461336/100/0/threaded

www.securityfocus.com/archive/1/461809/100/0/threaded

www.securityfocus.com/bid/64758

www.securitytracker.com/id?1017696

www.ubuntu.com/usn/usn-428-1

www.ubuntu.com/usn/usn-431-1

www.vupen.com/english/advisories/2007/0718

www.vupen.com/english/advisories/2007/0719

www.vupen.com/english/advisories/2007/1165

www.vupen.com/english/advisories/2007/2141

bugzilla.mozilla.org/show_bug.cgi?id=364323

exchange.xforce.ibmcloud.com/vulnerabilities/32663

issues.rpath.com/browse/RPL-1081

issues.rpath.com/browse/RPL-1103

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10174