Lucene search

[email protected]NVD:CVE-2007-1282

HistoryMar 06, 2007 - 2:19 a.m.

CVE-2007-1282

2007-03-0602:19:00

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.789

Percentile

98.3%

JSON

Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line.

Affected configurations

Nvd

Node

redhatenterprise_linuxMatch4.0advanced_server

redhatenterprise_linuxMatch4.0enterprise_server

redhatenterprise_linuxMatch4.0workstation

redhatenterprise_linux_desktopMatch4.0

AND

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.4

mozillaseamonkeyMatch1.0.5

mozillaseamonkeyMatch1.0.6

mozillaseamonkeyMatch1.0.7

mozillathunderbirdMatch0.1

mozillathunderbirdMatch0.2

mozillathunderbirdMatch0.3

mozillathunderbirdMatch0.4

mozillathunderbirdMatch0.5

mozillathunderbirdMatch0.6

mozillathunderbirdMatch0.7

mozillathunderbirdMatch0.7.1

mozillathunderbirdMatch0.7.2

mozillathunderbirdMatch0.7.3

mozillathunderbirdMatch0.8

mozillathunderbirdMatch0.9

mozillathunderbirdMatch1.0

mozillathunderbirdMatch1.0.1

mozillathunderbirdMatch1.0.2

mozillathunderbirdMatch1.0.3

mozillathunderbirdMatch1.0.4

mozillathunderbirdMatch1.0.5

mozillathunderbirdMatch1.0.6

mozillathunderbirdMatch1.0.7

mozillathunderbirdMatch1.0.8

mozillathunderbirdMatch1.5

mozillathunderbirdMatch1.5.0.1

mozillathunderbirdMatch1.5.0.2

mozillathunderbirdMatch1.5.0.3

mozillathunderbirdMatch1.5.0.4

mozillathunderbirdMatch1.5.0.6

mozillathunderbirdMatch1.5.0.7

mozillathunderbirdMatch1.5.0.8

mozillathunderbirdMatch1.5.0.9

References

ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc

fedoranews.org/cms/node/2747

fedoranews.org/cms/node/2749

osvdb.org/33810

secunia.com/advisories/24406

secunia.com/advisories/24456

secunia.com/advisories/24457

secunia.com/advisories/24522

secunia.com/advisories/25588

security.gentoo.org/glsa/glsa-200703-18.xml

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947

www.debian.org/security/2007/dsa-1336

www.mozilla.org/security/announce/2007/mfsa2007-10.html

www.redhat.com/support/errata/RHSA-2007-0078.html

www.redhat.com/support/errata/RHSA-2007-0108.html

www.securityfocus.com/bid/22845

www.vupen.com/english/advisories/2007/0824

bugzilla.mozilla.org/show_bug.cgi?id=362735

exchange.xforce.ibmcloud.com/vulnerabilities/32810

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11313

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.789

Percentile

98.3%

JSON

Related for NVD:CVE-2007-1282

veracode1 cvelist1 ubuntucve1 prion1 cve1 nessus16 openvas6 gentoo1 securityvulns1 osv1 debian1 redhat3 oraclelinux2 centos4