SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2007-2868

Date: (C)2007-05-31 (M)2023-12-22

Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corruption.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

SECTRACK-1018151

SECTRACK-1018152

SECTRACK-1018153

SUNALERT-103125

http://www.securityfocus.com/archive/1/470172/100/200/threaded

http://www.securityfocus.com/archive/1/471842/100/0/threaded

SUNALERT-201505

FEDORA-2007-308

FEDORA-2007-309

SSA:2007-066-04

SSA:2007-152-02

SUSE-SA:2007:036

http://www.mozilla.org/security/announce/2007/mfsa2007-12.html

https://issues.rpath.com/browse/RPL-1424

mozilla-javascripteng-code-execution(34605)

oval:org.mitre.oval:def:10711

cpe:/a:mozilla:firefox:1.5.0.10
cpe:/a:mozilla:firefox:1.5.0.11
cpe:/a:mozilla:firefox:1.5.0.4
cpe:/a:mozilla:firefox:1.5.0.3
...

© SecPod Technologies