SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2007-2867

Date: (C)2007-05-31 (M)2023-12-22

Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointers, heap corruption, signed/unsigned, and other issues.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

SECTRACK-1018151

SECTRACK-1018153

SUNALERT-103136

http://www.securityfocus.com/archive/1/470172/100/200/threaded

http://www.securityfocus.com/archive/1/471842/100/0/threaded

SUNALERT-201532

FEDORA-2007-308

FEDORA-2007-309

SSA:2007-066-04

SSA:2007-152-02

SUSE-SA:2007:036

http://www.mozilla.org/security/announce/2007/mfsa2007-12.html

https://issues.rpath.com/browse/RPL-1424

mozilla-layoutengine-dos(34604)

oval:org.mitre.oval:def:10066

cpe:/a:mozilla:firefox:1.5.0.10
cpe:/a:mozilla:firefox:1.5.0.11
cpe:/a:mozilla:firefox:1.5.0.4
cpe:/a:mozilla:firefox:1.5.0.3
...

© SecPod Technologies