CVE-2007-2867

high

Description

Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointers, heap corruption, signed/unsigned, and other issues.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10066

https://issues.rpath.com/browse/RPL-1424

https://exchange.xforce.ibmcloud.com/vulnerabilities/34604

http://www.vupen.com/english/advisories/2008/0082

http://www.vupen.com/english/advisories/2007/3664

http://www.vupen.com/english/advisories/2007/1994

http://www.us-cert.gov/cas/techalerts/TA07-151A.html

http://www.ubuntu.com/usn/usn-469-1

http://www.ubuntu.com/usn/usn-468-1

http://www.securitytracker.com/id?1018153

http://www.securitytracker.com/id?1018151

http://www.securityfocus.com/bid/24242

http://www.securityfocus.com/archive/1/471842/100/0/threaded

http://www.securityfocus.com/archive/1/470172/100/200/threaded

http://www.redhat.com/support/errata/RHSA-2007-0402.html

http://www.redhat.com/support/errata/RHSA-2007-0401.html

http://www.redhat.com/support/errata/RHSA-2007-0400.html

http://www.novell.com/linux/security/advisories/2007_36_mozilla.html

http://www.mozilla.org/security/announce/2007/mfsa2007-12.html

http://www.mandriva.com/security/advisories?name=MDKSA-2007:131

http://www.mandriva.com/security/advisories?name=MDKSA-2007:126

http://www.mandriva.com/security/advisories?name=MDKSA-2007:120

http://www.mandriva.com/security/advisories?name=MDKSA-2007:119

http://www.kb.cert.org/vuls/id/751636

http://www.debian.org/security/2007/dsa-1308

http://www.debian.org/security/2007/dsa-1306

http://www.debian.org/security/2007/dsa-1305

http://www.debian.org/security/2007/dsa-1300

http://sunsolve.sun.com/search/document.do?assetkey=1-66-201532-1

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103136-1

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947

http://security.gentoo.org/glsa/glsa-200706-06.xml

http://secunia.com/advisories/28363

http://secunia.com/advisories/27423

http://secunia.com/advisories/25858

http://secunia.com/advisories/25750

http://secunia.com/advisories/25685

http://secunia.com/advisories/25664

http://secunia.com/advisories/25647

http://secunia.com/advisories/25644

http://secunia.com/advisories/25635

http://secunia.com/advisories/25559

http://secunia.com/advisories/25534

http://secunia.com/advisories/25533

http://secunia.com/advisories/25496

http://secunia.com/advisories/25492

http://secunia.com/advisories/25491

http://secunia.com/advisories/25490

http://secunia.com/advisories/25489

http://secunia.com/advisories/25488

http://secunia.com/advisories/25476

http://secunia.com/advisories/25469

http://secunia.com/advisories/24456

http://secunia.com/advisories/24406

http://osvdb.org/35134

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

http://fedoranews.org/cms/node/2749

http://fedoranews.org/cms/node/2747

Details

Source: Mitre, NVD

Published: 2007-06-01

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High