CVE-2007-2867
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.8 Medium
AI Score
Confidence
Low
0.969 High
EPSS
Percentile
99.7%
Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointers, heap corruption, signed/unsigned, and other issues.
Affected configurations
References
fedoranews.org/cms/node/2747
fedoranews.org/cms/node/2749
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
osvdb.org/35134
secunia.com/advisories/24406
secunia.com/advisories/24456
secunia.com/advisories/25469
secunia.com/advisories/25476
secunia.com/advisories/25488
secunia.com/advisories/25489
secunia.com/advisories/25490
secunia.com/advisories/25491
secunia.com/advisories/25492
secunia.com/advisories/25496
secunia.com/advisories/25533
secunia.com/advisories/25534
secunia.com/advisories/25559
secunia.com/advisories/25635
secunia.com/advisories/25644
secunia.com/advisories/25647
secunia.com/advisories/25664
secunia.com/advisories/25685
secunia.com/advisories/25750
secunia.com/advisories/25858
secunia.com/advisories/27423
secunia.com/advisories/28363
security.gentoo.org/glsa/glsa-200706-06.xml
slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947
slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857
sunsolve.sun.com/search/document.do?assetkey=1-26-103136-1
sunsolve.sun.com/search/document.do?assetkey=1-66-201532-1
www.debian.org/security/2007/dsa-1300
www.debian.org/security/2007/dsa-1305
www.debian.org/security/2007/dsa-1306
www.debian.org/security/2007/dsa-1308
www.kb.cert.org/vuls/id/751636
www.mandriva.com/security/advisories?name=MDKSA-2007:119
www.mandriva.com/security/advisories?name=MDKSA-2007:120
www.mandriva.com/security/advisories?name=MDKSA-2007:126
www.mandriva.com/security/advisories?name=MDKSA-2007:131
www.mozilla.org/security/announce/2007/mfsa2007-12.html
www.novell.com/linux/security/advisories/2007_36_mozilla.html
www.redhat.com/support/errata/RHSA-2007-0400.html
www.redhat.com/support/errata/RHSA-2007-0401.html
www.redhat.com/support/errata/RHSA-2007-0402.html
www.securityfocus.com/archive/1/470172/100/200/threaded
www.securityfocus.com/archive/1/471842/100/0/threaded
www.securityfocus.com/bid/24242
www.securitytracker.com/id?1018151
www.securitytracker.com/id?1018153
www.ubuntu.com/usn/usn-468-1
www.ubuntu.com/usn/usn-469-1
www.us-cert.gov/cas/techalerts/TA07-151A.html
www.vupen.com/english/advisories/2007/1994
www.vupen.com/english/advisories/2007/3664
www.vupen.com/english/advisories/2008/0082
exchange.xforce.ibmcloud.com/vulnerabilities/34604
issues.rpath.com/browse/RPL-1424
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10066
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.8 Medium
AI Score
Confidence
Low
0.969 High
EPSS
Percentile
99.7%