cpe:/a:mozilla:firefox:0.1 cpe:/a:mozilla:firefox:0.2 cpe:/a:mozilla:firefox:0.3 cpe:/a:mozilla:firefox:0.4 cpe:/a:mozilla:firefox:0.5 cpe:/a:mozilla:firefox:0.6 cpe:/a:mozilla:firefox:0.6.1 cpe:/a:mozilla:firefox:0.7 cpe:/a:mozilla:firefox:0.7.1 cpe:/a:mozilla:firefox:0.8 cpe:/a:mozilla:firefox:0.9 cpe:/a:mozilla:firefox:0.9:rc cpe:/a:mozilla:firefox:0.9.1 cpe:/a:mozilla:firefox:0.9.2 cpe:/a:mozilla:firefox:0.9.3 cpe:/a:mozilla:firefox:0.10 cpe:/a:mozilla:firefox:0.10.1 cpe:/a:mozilla:firefox:1.0 cpe:/a:mozilla:firefox:1.0:preview_release cpe:/a:mozilla:firefox:1.0.1 cpe:/a:mozilla:firefox:1.0.2 cpe:/a:mozilla:firefox:1.0.3 cpe:/a:mozilla:firefox:1.0.4 cpe:/a:mozilla:firefox:1.0.5 cpe:/a:mozilla:firefox:1.0.6 cpe:/a:mozilla:firefox:1.0.7 cpe:/a:mozilla:firefox:1.0.8 cpe:/a:mozilla:firefox:1.4.1 cpe:/a:mozilla:firefox:1.5 cpe:/a:mozilla:firefox:1.5.0.1 cpe:/a:mozilla:firefox:1.5.0.2 cpe:/a:mozilla:firefox:1.5.0.3 cpe:/a:mozilla:firefox:1.5.0.4 cpe:/a:mozilla:firefox:1.5.0.5 cpe:/a:mozilla:firefox:1.5.0.6 cpe:/a:mozilla:firefox:1.5.0.7 cpe:/a:mozilla:firefox:1.5.0.8 cpe:/a:mozilla:firefox:1.5.0.9 cpe:/a:mozilla:firefox:1.5.0.10 cpe:/a:mozilla:firefox:1.5.0.11 cpe:/a:mozilla:firefox:1.5.0.12 cpe:/a:mozilla:firefox:2.0 cpe:/a:mozilla:firefox:2.0.0.1 cpe:/a:mozilla:network_security_services:3.11.2 cpe:/a:mozilla:network_security_services:3.11.3 cpe:/a:mozilla:network_security_services:3.11.4 cpe:/a:mozilla:seamonkey:1.0 cpe:/a:mozilla:seamonkey:1.0.1 cpe:/a:mozilla:seamonkey:1.0.2 cpe:/a:mozilla:seamonkey:1.0.3 cpe:/a:mozilla:seamonkey:1.0.4 cpe:/a:mozilla:seamonkey:1.0.5 cpe:/a:mozilla:seamonkey:1.0.6 cpe:/a:mozilla:seamonkey:1.0.7 cpe:/a:mozilla:thunderbird:0.1 cpe:/a:mozilla:thunderbird:0.2 cpe:/a:mozilla:thunderbird:0.3 cpe:/a:mozilla:thunderbird:0.4 cpe:/a:mozilla:thunderbird:0.5 cpe:/a:mozilla:thunderbird:0.6 cpe:/a:mozilla:thunderbird:0.7 cpe:/a:mozilla:thunderbird:0.7.1 cpe:/a:mozilla:thunderbird:0.7.2 cpe:/a:mozilla:thunderbird:0.7.3 cpe:/a:mozilla:thunderbird:0.8 cpe:/a:mozilla:thunderbird:0.9 cpe:/a:mozilla:thunderbird:1.0 cpe:/a:mozilla:thunderbird:1.0.1 cpe:/a:mozilla:thunderbird:1.0.2 cpe:/a:mozilla:thunderbird:1.0.3 cpe:/a:mozilla:thunderbird:1.0.4 cpe:/a:mozilla:thunderbird:1.0.5 cpe:/a:mozilla:thunderbird:1.0.6 cpe:/a:mozilla:thunderbird:1.0.7 cpe:/a:mozilla:thunderbird:1.0.8 cpe:/a:mozilla:thunderbird:1.5 cpe:/a:mozilla:thunderbird:1.5:beta2 cpe:/a:mozilla:thunderbird:1.5.0.1 cpe:/a:mozilla:thunderbird:1.5.0.2 cpe:/a:mozilla:thunderbird:1.5.0.3 cpe:/a:mozilla:thunderbird:1.5.0.4 cpe:/a:mozilla:thunderbird:1.5.0.5 cpe:/a:mozilla:thunderbird:1.5.0.6 cpe:/a:mozilla:thunderbird:1.5.0.7 cpe:/a:mozilla:thunderbird:1.5.0.8 cpe:/a:mozilla:thunderbird:1.5.0.9 CVE-2007-0008 2007-02-26T15:28:00.000-05:00 2017-10-10T21:31:31.830-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-02-27T16:09:00.000-05:00 ALLOWS_OTHER_ACCESS SECTRACK 1017696 SUNALERT 102856 SUNALERT 102945 SGI 20070202-01-P IDEFENSE 20070223 Mozilla Network Security Services SSLv2 Client Integer Underflow Vulnerability BUGTRAQ 20070226 rPSA-2007-0040-1 firefox SGI 20070301-01-P BUGTRAQ 20070303 rPSA-2007-0040-3 firefox thunderbird BID 22694 SECUNIA 24205 SECUNIA 24238 SECUNIA 24252 SECUNIA 24253 SECUNIA 24277 SECUNIA 24287 SECUNIA 24290 SECUNIA 24293 SECUNIA 24320 SECUNIA 24328 SECUNIA 24333 SECUNIA 24342 SECUNIA 24343 SECUNIA 24384 SECUNIA 24389 SECUNIA 24395 SECUNIA 24406 SECUNIA 24410 SECUNIA 24455 SECUNIA 24456 SECUNIA 24457 SECUNIA 24522 SECUNIA 24562 SECUNIA 24650 SECUNIA 24703 SECUNIA 25588 SECUNIA 25597 OSVDB 32105 BID 64758 VUPEN ADV-2007-0718 VUPEN ADV-2007-0719 VUPEN ADV-2007-1165 VUPEN ADV-2007-2141 DEBIAN DSA-1336 FEDORA FEDORA-2007-278 FEDORA FEDORA-2007-279 FEDORA FEDORA-2007-281 FEDORA FEDORA-2007-293 FEDORA FEDORA-2007-308 FEDORA FEDORA-2007-309 GENTOO GLSA-200703-18 GENTOO GLSA-200703-22 HP HPSBUX02153 MANDRIVA MDKSA-2007:050 MANDRIVA MDKSA-2007:052 REDHAT RHSA-2007:0077 REDHAT RHSA-2007:0078 REDHAT RHSA-2007:0079 REDHAT RHSA-2007:0097 REDHAT RHSA-2007:0108 SLACKWARE SSA:2007-066-03 SLACKWARE SSA:2007-066-04 SLACKWARE SSA:2007-066-05 HP SSRT061181 SUSE SUSE-SA:2007:019 SUSE SUSE-SA:2007:022 UBUNTU USN-428-1 UBUNTU USN-431-1 CERT-VN VU#377812 CONFIRM http://www.mozilla.org/security/announce/2007/mfsa2007-06.html CONFIRM http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html MISC https://bugzilla.mozilla.org/show_bug.cgi?id=364319 CONFIRM https://issues.rpath.com/browse/RPL-1081 CONFIRM https://issues.rpath.com/browse/RPL-1103 XF nss-mastersecret-bo(32666) Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow.