CVE-2007-2868
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.916 High
EPSS
Percentile
98.9%
Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corruption.
Affected configurations
References
fedoranews.org/cms/node/2747
fedoranews.org/cms/node/2749
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
osvdb.org/35138
secunia.com/advisories/24406
secunia.com/advisories/24456
secunia.com/advisories/25469
secunia.com/advisories/25476
secunia.com/advisories/25488
secunia.com/advisories/25489
secunia.com/advisories/25490
secunia.com/advisories/25491
secunia.com/advisories/25492
secunia.com/advisories/25496
secunia.com/advisories/25533
secunia.com/advisories/25534
secunia.com/advisories/25559
secunia.com/advisories/25635
secunia.com/advisories/25644
secunia.com/advisories/25647
secunia.com/advisories/25664
secunia.com/advisories/25685
secunia.com/advisories/25750
secunia.com/advisories/25858
secunia.com/advisories/27427
secunia.com/advisories/28363
security.gentoo.org/glsa/glsa-200706-06.xml
slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947
slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857
sunsolve.sun.com/search/document.do?assetkey=1-26-103125-1
sunsolve.sun.com/search/document.do?assetkey=1-66-201505-1
www.debian.org/security/2007/dsa-1300
www.debian.org/security/2007/dsa-1305
www.debian.org/security/2007/dsa-1306
www.debian.org/security/2007/dsa-1308
www.kb.cert.org/vuls/id/609956
www.mandriva.com/security/advisories?name=MDKSA-2007:119
www.mandriva.com/security/advisories?name=MDKSA-2007:120
www.mandriva.com/security/advisories?name=MDKSA-2007:131
www.mozilla.org/security/announce/2007/mfsa2007-12.html
www.novell.com/linux/security/advisories/2007_36_mozilla.html
www.redhat.com/support/errata/RHSA-2007-0400.html
www.redhat.com/support/errata/RHSA-2007-0401.html
www.redhat.com/support/errata/RHSA-2007-0402.html
www.securityfocus.com/archive/1/470172/100/200/threaded
www.securityfocus.com/archive/1/471842/100/0/threaded
www.securityfocus.com/bid/24242
www.securitytracker.com/id?1018151
www.securitytracker.com/id?1018152
www.securitytracker.com/id?1018153
www.ubuntu.com/usn/usn-468-1
www.ubuntu.com/usn/usn-469-1
www.us-cert.gov/cas/techalerts/TA07-151A.html
www.vupen.com/english/advisories/2007/1994
www.vupen.com/english/advisories/2007/3632
www.vupen.com/english/advisories/2008/0082
exchange.xforce.ibmcloud.com/vulnerabilities/34605
issues.rpath.com/browse/RPL-1424
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10711
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.916 High
EPSS
Percentile
98.9%