Lucene search

[email protected]CVE-2007-2867

HistoryJun 01, 2007 - 12:30 a.m.

CVE-2007-2867

2007-06-0100:30:00

CWE-119

[email protected]

web.nvd.nist.gov

mozilla

firefox

thunderbird

seamonkey

vulnerability

denial of service

nvd

cve-2007-2867

remote attackers

crash

heap corruption

6.8 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.7%

JSON

Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointers, heap corruption, signed/unsigned, and other issues.

CPENameOperatorVersion
mozilla:thunderbirdmozilla thunderbirdeq1.5.0.7
mozilla:seamonkeymozilla seamonkeyeq1.0.3
mozilla:firefoxmozilla firefoxeq1.5.2
mozilla:firefoxmozilla firefoxeq1.5.0.6
mozilla:seamonkeymozilla seamonkeyeq1.0.9
mozilla:firefoxmozilla firefoxeq2.0.0.2
mozilla:firefoxmozilla firefoxeq1.5.0.10
mozilla:firefoxmozilla firefoxeq1.5.0.3
mozilla:firefoxmozilla firefoxeq1.5.0.11
mozilla:firefoxmozilla firefoxeq1.5.4

CPE	Name	Operator	Version
mozilla:thunderbird	mozilla thunderbird	eq	1.5.0.7
mozilla:seamonkey	mozilla seamonkey	eq	1.0.3
mozilla:firefox	mozilla firefox	eq	1.5.2
mozilla:firefox	mozilla firefox	eq	1.5.0.6
mozilla:seamonkey	mozilla seamonkey	eq	1.0.9
mozilla:firefox	mozilla firefox	eq	2.0.0.2
mozilla:firefox	mozilla firefox	eq	1.5.0.10
mozilla:firefox	mozilla firefox	eq	1.5.0.3
mozilla:firefox	mozilla firefox	eq	1.5.0.11
mozilla:firefox	mozilla firefox	eq	1.5.4

Rows per page:

1-10 of 451

References

fedoranews.org/cms/node/2747

fedoranews.org/cms/node/2749

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579

osvdb.org/35134

secunia.com/advisories/24406

secunia.com/advisories/24456

secunia.com/advisories/25469

secunia.com/advisories/25476

secunia.com/advisories/25488

secunia.com/advisories/25489

secunia.com/advisories/25490

secunia.com/advisories/25491

secunia.com/advisories/25492

secunia.com/advisories/25496

secunia.com/advisories/25533

secunia.com/advisories/25534

secunia.com/advisories/25559

secunia.com/advisories/25635

secunia.com/advisories/25644

secunia.com/advisories/25647

secunia.com/advisories/25664

secunia.com/advisories/25685

secunia.com/advisories/25750

secunia.com/advisories/25858

secunia.com/advisories/27423

secunia.com/advisories/28363

security.gentoo.org/glsa/glsa-200706-06.xml

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857

sunsolve.sun.com/search/document.do?assetkey=1-26-103136-1

sunsolve.sun.com/search/document.do?assetkey=1-66-201532-1

www.debian.org/security/2007/dsa-1300

www.debian.org/security/2007/dsa-1305

www.debian.org/security/2007/dsa-1306

www.debian.org/security/2007/dsa-1308

www.kb.cert.org/vuls/id/751636

www.mandriva.com/security/advisories?name=MDKSA-2007:119

www.mandriva.com/security/advisories?name=MDKSA-2007:120

www.mandriva.com/security/advisories?name=MDKSA-2007:126

www.mandriva.com/security/advisories?name=MDKSA-2007:131

www.mozilla.org/security/announce/2007/mfsa2007-12.html

www.novell.com/linux/security/advisories/2007_36_mozilla.html

www.redhat.com/support/errata/RHSA-2007-0400.html

www.redhat.com/support/errata/RHSA-2007-0401.html

www.redhat.com/support/errata/RHSA-2007-0402.html

www.securityfocus.com/archive/1/470172/100/200/threaded

www.securityfocus.com/archive/1/471842/100/0/threaded

www.securityfocus.com/bid/24242

www.securitytracker.com/id?1018151

www.securitytracker.com/id?1018153

www.ubuntu.com/usn/usn-468-1

www.ubuntu.com/usn/usn-469-1

www.us-cert.gov/cas/techalerts/TA07-151A.html

www.vupen.com/english/advisories/2007/1994

www.vupen.com/english/advisories/2007/3664

www.vupen.com/english/advisories/2008/0082

exchange.xforce.ibmcloud.com/vulnerabilities/34604

issues.rpath.com/browse/RPL-1424

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10066

6.8 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.7%

JSON

Related for CVE-2007-2867

checkpoint_advisories3 veracode1 ubuntucve1 cert1 prion1 mozilla1 securityvulns2 nessus47 openvas64 fedora16 ubuntu2 debian4 osv4 oraclelinux3 redhat3 centos4 gentoo1 suse1