Vulnerability-Lookup

CVE-2007-0008 (GCVE-0-2007-0008)

Vulnerability from cvelistv5 – Published: 2007-02-27 01:00 – Updated: 2024-08-07 12:03

Summary

Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://www.redhat.com/support/errata/RHSA-2007-00…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/24562	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/25597	third-party-advisoryx_refsource_SECUNIA
	http://www.gentoo.org/security/en/glsa/glsa-20070…	vendor-advisoryx_refsource_GENTOO
	http://fedoranews.org/cms/node/2709	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/24703	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24395	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/461336/100…	mailing-listx_refsource_BUGTRAQ
	http://fedoranews.org/cms/node/2747	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/24328	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-01…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/24277	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24252	third-party-advisoryx_refsource_SECUNIA
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://secunia.com/advisories/24384	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24406	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24457	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24253	third-party-advisoryx_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	https://bugzilla.mozilla.org/show_bug.cgi?id=364319	x_refsource_MISC
	http://secunia.com/advisories/24343	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2007/dsa-1336	vendor-advisoryx_refsource_DEBIAN
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://www.vupen.com/english/advisories/2007/1165	vdb-entryx_refsource_VUPEN
	http://www.securitytracker.com/id?1017696	vdb-entryx_refsource_SECTRACK
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://www.vupen.com/english/advisories/2007/0718	vdb-entryx_refsource_VUPEN
	http://fedoranews.org/cms/node/2711	vendor-advisoryx_refsource_FEDORA
	http://fedoranews.org/cms/node/2749	vendor-advisoryx_refsource_FEDORA
	http://security.gentoo.org/glsa/glsa-200703-18.xml	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/24650	third-party-advisoryx_refsource_SECUNIA
	http://www.ubuntu.com/usn/usn-428-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/24320	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/25588	third-party-advisoryx_refsource_SECUNIA
	https://issues.rpath.com/browse/RPL-1103	x_refsource_CONFIRM
	http://lists.suse.com/archive/suse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securityfocus.com/archive/1/461809/100…	mailing-listx_refsource_BUGTRAQ
	http://www.osvdb.org/32105	vdb-entryx_refsource_OSVDB
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/24293	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24238	third-party-advisoryx_refsource_SECUNIA
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://secunia.com/advisories/24456	third-party-advisoryx_refsource_SECUNIA
	http://www.mozilla.org/security/announce/2007/mfs…	x_refsource_CONFIRM
	http://secunia.com/advisories/24342	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24287	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24522	third-party-advisoryx_refsource_SECUNIA
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://labs.idefense.com/intelligence/vulnerabili…	third-party-advisoryx_refsource_IDEFENSE
	http://www.kb.cert.org/vuls/id/377812	third-party-advisoryx_refsource_CERT-VN
	http://www.securityfocus.com/bid/22694	vdb-entryx_refsource_BID
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://www.vupen.com/english/advisories/2007/0719	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://fedoranews.org/cms/node/2713	vendor-advisoryx_refsource_FEDORA
	http://www.ubuntu.com/usn/usn-431-1	vendor-advisoryx_refsource_UBUNTU
	http://www.redhat.com/support/errata/RHSA-2007-00…	vendor-advisoryx_refsource_REDHAT
	http://fedoranews.org/cms/node/2728	vendor-advisoryx_refsource_FEDORA
	ftp://patches.sgi.com/support/free/security/advis…	vendor-advisoryx_refsource_SGI
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/24205	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24389	third-party-advisoryx_refsource_SECUNIA
	https://issues.rpath.com/browse/RPL-1081	x_refsource_CONFIRM
	http://secunia.com/advisories/24410	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24333	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/2141	vdb-entryx_refsource_VUPEN
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.securityfocus.com/bid/64758	vdb-entryx_refsource_BID
	http://secunia.com/advisories/24290	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/24455	third-party-advisoryx_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2007-0077.html	vendor-advisoryx_refsource_REDHAT
	ftp://patches.sgi.com/support/free/security/advis…	vendor-advisoryx_refsource_SGI
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://www.redhat.com/support/errata/RHSA-2007-00…	vendor-advisoryx_refsource_REDHAT

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:03:37.063Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2007:0078",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
          },
          {
            "name": "24562",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24562"
          },
          {
            "name": "25597",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25597"
          },
          {
            "name": "GLSA-200703-22",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml"
          },
          {
            "name": "FEDORA-2007-278",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/cms/node/2709"
          },
          {
            "name": "24703",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24703"
          },
          {
            "name": "24395",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24395"
          },
          {
            "name": "20070226 rPSA-2007-0040-1 firefox",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
          },
          {
            "name": "FEDORA-2007-308",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/cms/node/2747"
          },
          {
            "name": "24328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24328"
          },
          {
            "name": "RHSA-2007:0108",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
          },
          {
            "name": "24277",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24277"
          },
          {
            "name": "24252",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24252"
          },
          {
            "name": "SSA:2007-066-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
          },
          {
            "name": "24384",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24384"
          },
          {
            "name": "24406",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24406"
          },
          {
            "name": "24457",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24457"
          },
          {
            "name": "24253",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24253"
          },
          {
            "name": "MDKSA-2007:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:052"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=364319"
          },
          {
            "name": "24343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24343"
          },
          {
            "name": "DSA-1336",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1336"
          },
          {
            "name": "HPSBUX02153",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
          },
          {
            "name": "ADV-2007-1165",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1165"
          },
          {
            "name": "1017696",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017696"
          },
          {
            "name": "102945",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1"
          },
          {
            "name": "ADV-2007-0718",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0718"
          },
          {
            "name": "FEDORA-2007-279",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/cms/node/2711"
          },
          {
            "name": "FEDORA-2007-309",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/cms/node/2749"
          },
          {
            "name": "GLSA-200703-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200703-18.xml"
          },
          {
            "name": "24650",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24650"
          },
          {
            "name": "USN-428-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-428-1"
          },
          {
            "name": "24320",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24320"
          },
          {
            "name": "25588",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25588"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1103"
          },
          {
            "name": "SUSE-SA:2007:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
          },
          {
            "name": "20070303 rPSA-2007-0040-3 firefox thunderbird",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
          },
          {
            "name": "32105",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/32105"
          },
          {
            "name": "SUSE-SA:2007:022",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
          },
          {
            "name": "24293",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24293"
          },
          {
            "name": "24238",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24238"
          },
          {
            "name": "SSA:2007-066-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.363947"
          },
          {
            "name": "24456",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24456"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-06.html"
          },
          {
            "name": "24342",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24342"
          },
          {
            "name": "24287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24287"
          },
          {
            "name": "24522",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24522"
          },
          {
            "name": "102856",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1"
          },
          {
            "name": "20070223 Mozilla Network Security Services SSLv2 Client Integer Underflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482"
          },
          {
            "name": "VU#377812",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/377812"
          },
          {
            "name": "22694",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22694"
          },
          {
            "name": "SSRT061181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
          },
          {
            "name": "ADV-2007-0719",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0719"
          },
          {
            "name": "nss-mastersecret-bo(32666)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32666"
          },
          {
            "name": "FEDORA-2007-281",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/cms/node/2713"
          },
          {
            "name": "USN-431-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-431-1"
          },
          {
            "name": "RHSA-2007:0097",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
          },
          {
            "name": "FEDORA-2007-293",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/cms/node/2728"
          },
          {
            "name": "20070301-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
          },
          {
            "name": "oval:org.mitre.oval:def:10502",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10502"
          },
          {
            "name": "24205",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24205"
          },
          {
            "name": "24389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24389"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1081"
          },
          {
            "name": "24410",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24410"
          },
          {
            "name": "24333",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24333"
          },
          {
            "name": "ADV-2007-2141",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2141"
          },
          {
            "name": "MDKSA-2007:050",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
          },
          {
            "name": "64758",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/64758"
          },
          {
            "name": "24290",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24290"
          },
          {
            "name": "24455",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24455"
          },
          {
            "name": "RHSA-2007:0077",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
          },
          {
            "name": "20070202-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
          },
          {
            "name": "SSA:2007-066-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
          },
          {
            "name": "RHSA-2007:0079",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-02-23T05:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the \"Master Secret\", which results in a heap-based overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T18:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2007:0078",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
        },
        {
          "name": "24562",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24562"
        },
        {
          "name": "25597",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25597"
        },
        {
          "name": "GLSA-200703-22",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml"
        },
        {
          "name": "FEDORA-2007-278",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/cms/node/2709"
        },
        {
          "name": "24703",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24703"
        },
        {
          "name": "24395",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24395"
        },
        {
          "name": "20070226 rPSA-2007-0040-1 firefox",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
        },
        {
          "name": "FEDORA-2007-308",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/cms/node/2747"
        },
        {
          "name": "24328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24328"
        },
        {
          "name": "RHSA-2007:0108",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
        },
        {
          "name": "24277",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24277"
        },
        {
          "name": "24252",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24252"
        },
        {
          "name": "SSA:2007-066-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
        },
        {
          "name": "24384",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24384"
        },
        {
          "name": "24406",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24406"
        },
        {
          "name": "24457",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24457"
        },
        {
          "name": "24253",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24253"
        },
        {
          "name": "MDKSA-2007:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:052"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=364319"
        },
        {
          "name": "24343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24343"
        },
        {
          "name": "DSA-1336",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1336"
        },
        {
          "name": "HPSBUX02153",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
        },
        {
          "name": "ADV-2007-1165",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1165"
        },
        {
          "name": "1017696",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017696"
        },
        {
          "name": "102945",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1"
        },
        {
          "name": "ADV-2007-0718",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0718"
        },
        {
          "name": "FEDORA-2007-279",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/cms/node/2711"
        },
        {
          "name": "FEDORA-2007-309",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/cms/node/2749"
        },
        {
          "name": "GLSA-200703-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200703-18.xml"
        },
        {
          "name": "24650",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24650"
        },
        {
          "name": "USN-428-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-428-1"
        },
        {
          "name": "24320",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24320"
        },
        {
          "name": "25588",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25588"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1103"
        },
        {
          "name": "SUSE-SA:2007:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
        },
        {
          "name": "20070303 rPSA-2007-0040-3 firefox thunderbird",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
        },
        {
          "name": "32105",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/32105"
        },
        {
          "name": "SUSE-SA:2007:022",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
        },
        {
          "name": "24293",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24293"
        },
        {
          "name": "24238",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24238"
        },
        {
          "name": "SSA:2007-066-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.363947"
        },
        {
          "name": "24456",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24456"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-06.html"
        },
        {
          "name": "24342",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24342"
        },
        {
          "name": "24287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24287"
        },
        {
          "name": "24522",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24522"
        },
        {
          "name": "102856",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1"
        },
        {
          "name": "20070223 Mozilla Network Security Services SSLv2 Client Integer Underflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482"
        },
        {
          "name": "VU#377812",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/377812"
        },
        {
          "name": "22694",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22694"
        },
        {
          "name": "SSRT061181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
        },
        {
          "name": "ADV-2007-0719",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0719"
        },
        {
          "name": "nss-mastersecret-bo(32666)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32666"
        },
        {
          "name": "FEDORA-2007-281",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/cms/node/2713"
        },
        {
          "name": "USN-431-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-431-1"
        },
        {
          "name": "RHSA-2007:0097",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
        },
        {
          "name": "FEDORA-2007-293",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/cms/node/2728"
        },
        {
          "name": "20070301-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
        },
        {
          "name": "oval:org.mitre.oval:def:10502",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10502"
        },
        {
          "name": "24205",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24205"
        },
        {
          "name": "24389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24389"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1081"
        },
        {
          "name": "24410",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24410"
        },
        {
          "name": "24333",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24333"
        },
        {
          "name": "ADV-2007-2141",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2141"
        },
        {
          "name": "MDKSA-2007:050",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
        },
        {
          "name": "64758",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/64758"
        },
        {
          "name": "24290",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24290"
        },
        {
          "name": "24455",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24455"
        },
        {
          "name": "RHSA-2007:0077",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
        },
        {
          "name": "20070202-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
        },
        {
          "name": "SSA:2007-066-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
        },
        {
          "name": "RHSA-2007:0079",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-0008",
    "datePublished": "2007-02-27T01:00:00.000Z",
    "dateReserved": "2006-12-19T05:00:00.000Z",
    "dateUpdated": "2024-08-07T12:03:37.063Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2007-AVI-102

Vulnerability from certfr_avis - Published: 2007-02-26 - Updated: 2007-03-27

Plusieurs vulnérabilités sur les produits Mozilla cités ci-dessus permettraient le contournement de la politique de sécurité, l'atteinte à la confidentialité des données ou l'exécution de code arbitraire à distance.

Description

Plusieurs vulnérabilités ont été découvertes dans les produits de Mozilla. L'exploitation de ces vulnérabilités peut se faire de différentes façons (script hostile, boite de dialogue malformée, certificats malformés, etc.) et permet à des utilisateurs malintentionnés de provoquer un déni de service, d'exécuter du code arbitraire ou d'obtenir des droits élevés sur la machine victime.

Solution

Les versions suivantes corrigent les problèmes :

Firefox 1.5.0.10 ;
Firefox 2.0.0.2 ;
Thunderbird 1.5.0.10 ;
Seamonkey 1.0.8 ;
Network Security Services 3.11.5.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

La branche de développement 1.5.x de Firefox ne sera plus maintenue au-delà du 24 avril 2007.

Impacted products

Vendor	Product	Description
Mozilla	Firefox	Firefox 1.5.0.9 et versions antérieures ;
Mozilla	N/A	Network Security Services 3.11.4 et versions antérieures.
Mozilla	N/A	Seamonkey 1.0.7 et versions antérieures ;
Mozilla	Thunderbird	Thunderbird 1.5.0.9 et versions antérieures ;
Mozilla	Firefox	Firefox 2.0.0.1 et versions antérieures ;

References

Title

Publication Time

Tags

Notes de mises à jour de Firefox 2.0.0.2	2007-02-26	vendor-advisory
Notes de mises à jour de Seamonkey 1.0.8	2007-02-26	vendor-advisory
Notes de mises à jour de Thunderbird 1.5.0.10	2007-02-26	vendor-advisory
Bulletin de sécurité Mozilla MFSA 2007-3 du 23 février 2007	-	other
Mise à jour de sécurité Gentoo GLSA-200703-08 du 09 mars 2007	-	other
Bulletin de sécurité Mozilla MFSA 2007-1 du 23 février 2007	-	other
Bulletin de sécurité Mozilla MFSA 2007-2 du 23 février 2007	-	other
Bulletin de sécurité Mozilla MFSA 2007-5 du 23 février 2007	-	other
Bulletin de sécurité Mozilla MFSA 2007-6 du 23 février 2007	-	other
Mise à jour de sécurité Red Hat RHSA-2007:0078 du 02 mars 2007	-	other
Bulletin de sécurité Mozilla MFSA 2007-7 du 23 février 2007	-	other
Mise à jour de sécurité Gentoo GLSA-200703-22 du 20 mars 2007	-	other
Mise à jour de sécurité SuSE SUSE-SA:2007:022 du 20 mars 2007	-	other
Mise à jour de sécurité Red Hat RHSA-2007:0079 du 23 février 2007	-	other
Mise à jour de sécurité Mandriva MDKSA-2007:050 du 28 février 2007	-	other
Mise à jour de sécurité Ubuntu USN-428-1 du 26 février 2007	-	other
Mise à jour de sécurité Red Hat RHSA-2007:0077 du 23 février 2007	-	other
Mise à jour de sécurité Gentoo GLSA-200703-18 du 16 mars 2007	-	other
Bulletin de sécurité Mozilla MFSA 2007-8 du 23 février 2007	-	other
Mise à jour de sécurité Mandriva MDKSA-2007:050-1 du 02 mars 2007	-	other
Mise à jour de sécurité Gentoo GLSA-200703-04 du 02 mars 2007	-	other
Mise à jour de sécurité Ubuntu USN-428-2 du 02 mars 2007	-	other
Mise à jour de sécurité Ubuntu USN-431-1 du 07 mars 2007	-	other
Bulletin de sécurité Mozilla MFSA 2007-4 du 23 février 2007	-	other
Mise à jour de sécurité SuSE SUSE-SA:2007:019 du 06 mars 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Firefox 1.5.0.9 et versions ant\u00e9rieures ;",
      "product": {
        "name": "Firefox",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Network Security Services 3.11.4 et versions ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Seamonkey 1.0.7 et versions ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Thunderbird 1.5.0.9 et versions ant\u00e9rieures ;",
      "product": {
        "name": "Thunderbird",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Firefox 2.0.0.1 et versions ant\u00e9rieures ;",
      "product": {
        "name": "Firefox",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits de\nMozilla. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s peut se faire de\ndiff\u00e9rentes fa\u00e7ons (script hostile, boite de dialogue malform\u00e9e,\ncertificats malform\u00e9s, etc.) et permet \u00e0 des utilisateurs\nmalintentionn\u00e9s de provoquer un d\u00e9ni de service, d\u0027ex\u00e9cuter du code\narbitraire ou d\u0027obtenir des droits \u00e9lev\u00e9s sur la machine victime.\n\n## Solution\n\nLes versions suivantes corrigent les probl\u00e8mes :\n\n-   Firefox 1.5.0.10 ;\n-   Firefox 2.0.0.2 ;\n-   Thunderbird 1.5.0.10 ;\n-   Seamonkey 1.0.8 ;\n-   Network Security Services 3.11.5.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\n  \n  \n\nLa branche de d\u00e9veloppement 1.5.x de Firefox ne sera plus maintenue\nau-del\u00e0 du 24 avril 2007.\n",
  "cves": [
    {
      "name": "CVE-2007-0981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0981"
    },
    {
      "name": "CVE-2007-0779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0779"
    },
    {
      "name": "CVE-2007-0008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0008"
    },
    {
      "name": "CVE-2007-0800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0800"
    },
    {
      "name": "CVE-2007-0009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0009"
    },
    {
      "name": "CVE-2006-6077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6077"
    },
    {
      "name": "CVE-2007-0776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0776"
    },
    {
      "name": "CVE-2007-0780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0780"
    },
    {
      "name": "CVE-2007-0995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0995"
    },
    {
      "name": "CVE-2007-0775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0775"
    },
    {
      "name": "CVE-2007-0777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0777"
    },
    {
      "name": "CVE-2007-0778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0778"
    }
  ],
  "initial_release_date": "2007-02-26T00:00:00",
  "last_revision_date": "2007-03-27T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA 2007-3 du 23 f\u00e9vrier 2007",
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-003.html"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Gentoo GLSA-200703-08 du 09 mars 2007",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA 2007-1 du 23 f\u00e9vrier 2007",
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-001.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA 2007-2 du 23 f\u00e9vrier 2007",
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-002.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA 2007-5 du 23 f\u00e9vrier 2007",
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-005.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA 2007-6 du 23 f\u00e9vrier 2007",
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-006.html"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Red Hat RHSA-2007:0078 du 02 mars  2007",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0078.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA 2007-7 du 23 f\u00e9vrier 2007",
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-007.html"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Gentoo GLSA-200703-22 du 20 mars 2007",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 SuSE SUSE-SA:2007:022 du 20 mars 2007",
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0006.html"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Red Hat RHSA-2007:0079 du 23 f\u00e9vrier 2007",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0079.html"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Mandriva MDKSA-2007:050 du 28 f\u00e9vrier 2007",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Ubuntu USN-428-1 du 26 f\u00e9vrier 2007",
      "url": "http://www.ubuntu.com/usn/usn-428-1"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Red Hat RHSA-2007:0077 du 23 f\u00e9vrier 2007",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Gentoo GLSA-200703-18 du 16 mars 2007",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-18.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA 2007-8 du 23 f\u00e9vrier 2007",
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-008.html"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Mandriva MDKSA-2007:050-1 du 02 mars 2007",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050-1"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Gentoo GLSA-200703-04 du 02 mars 2007",
      "url": "http://www.gentoo.org/security/en/glsa-200703-04.xml"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Ubuntu USN-428-2 du 02 mars 2007",
      "url": "http://www.ubuntu.com/usn/usn-428-2"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Ubuntu USN-431-1 du 07 mars 2007",
      "url": "http://www.ubuntu.com/usn/usn-431-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA 2007-4 du 23 f\u00e9vrier 2007",
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-004.html"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 SuSE SUSE-SA:2007:019 du 06 mars 2007 :",
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
    }
  ],
  "reference": "CERTA-2007-AVI-102",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-02-26T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence \u00e0 la mise \u00e0 jour de s\u00e9curit\u00e9 Red Hat.",
      "revision_date": "2007-03-05T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux mises \u00e0 jour de s\u00e9curit\u00e9 Ubuntu, Gentoo, SuSE, Mandriva.",
      "revision_date": "2007-03-13T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux mises \u00e0 jour de s\u00e9curit\u00e9 Ubuntu, Gentoo, SuSE, Mandriva, Red Hat.",
      "revision_date": "2007-03-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s sur les produits \u003cspan\nclass=\"textit\"\u003eMozilla\u003c/span\u003e cit\u00e9s ci-dessus permettraient le\ncontournement de la politique de s\u00e9curit\u00e9, l\u0027atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es ou l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s de produits Mozilla",
  "vendor_advisories": [
    {
      "published_at": "2007-02-26",
      "title": "Notes de mises \u00e0 jour de Firefox 2.0.0.2",
      "url": "None"
    },
    {
      "published_at": "2007-02-26",
      "title": "Notes de mises \u00e0 jour de Seamonkey 1.0.8",
      "url": "None"
    },
    {
      "published_at": "2007-02-26",
      "title": "Notes de mises \u00e0 jour de Thunderbird 1.5.0.10",
      "url": "None"
    }
  ]
}

CERTA-2007-AVI-155

Vulnerability from certfr_avis - Published: 2007-04-03 - Updated: 2007-04-03

Deux vulnérabilités présentes dans Sun Solaris et Sun Java Enterprise System permettent à un utilisateur malintentionné de provoquer un déni de service à distance ou d'exécuter du code arbitraire à distance.

Description

Deux vulnérabilités dans la mise en œuvre du protocole SSL2 dans le service NSS (Network Security Services permettent à une personne malveillante de réaliser un déni de service sur les systèmes vulnérables clients et/ou serveurs. Dans le cas d'un système vulnérable fonctionnant sous Microsoft Windows, cette vulnérabilité permet à un individu malintentionné d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Sun Java Enterprise System 2003Q4, 2004Q2, 2005Q1 et 2005Q4 ;
Sun Java Enterprise System 5.x ;
Sun Solaris 9 ;
Sun Solaris 10.

Les plate-formes x86, SPARC et les systèmes d'exploitation Linux, HP-UX et Microsoft Windows sont affectés par ces vulnérabilités.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Sun #102856 du 29 mars 2007

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cUL\u003e    \u003cLI\u003eSun Java Enterprise System 2003Q4, 2004Q2, 2005Q1 et 2005Q4    ;\u003c/LI\u003e    \u003cLI\u003eSun Java Enterprise System 5.x ;\u003c/LI\u003e    \u003cLI\u003eSun Solaris 9 ;\u003c/LI\u003e    \u003cLI\u003eSun Solaris 10.\u003c/LI\u003e  \u003c/UL\u003e  \u003cP\u003eLes plate-formes \u003cTT\u003ex86\u003c/TT\u003e, \u003cTT\u003eSPARC\u003c/TT\u003e et les syst\u00e8mes  d\u0027exploitation \u003cTT\u003eLinux\u003c/TT\u003e, \u003cTT\u003eHP-UX\u003c/TT\u003e et \u003cTT\u003eMicrosoft  Windows\u003c/TT\u003e sont affect\u00e9s par ces vuln\u00e9rabilit\u00e9s.\u003c/P\u003e",
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s dans la mise en \u0153uvre du protocole SSL2 dans le\nservice NSS (Network Security Services permettent \u00e0 une personne\nmalveillante de r\u00e9aliser un d\u00e9ni de service sur les syst\u00e8mes vuln\u00e9rables\nclients et/ou serveurs. Dans le cas d\u0027un syst\u00e8me vuln\u00e9rable fonctionnant\nsous Microsoft Windows, cette vuln\u00e9rabilit\u00e9 permet \u00e0 un individu\nmalintentionn\u00e9 d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-0008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0008"
    },
    {
      "name": "CVE-2007-0009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0009"
    }
  ],
  "initial_release_date": "2007-04-03T00:00:00",
  "last_revision_date": "2007-04-03T00:00:00",
  "links": [],
  "reference": "CERTA-2007-AVI-155",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-04-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans Sun Solaris et Sun Java Enterprise\nSystem permettent \u00e0 un utilisateur malintentionn\u00e9 de provoquer un d\u00e9ni\nde service \u00e0 distance ou d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Sun Solaris et Sun Java Enterprise System",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Sun #102856 du 29 mars 2007",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1"
    }
  ]
}

GHSA-G474-6MPQ-JJM3

Vulnerability from github – Published: 2022-05-03 03:17 – Updated: 2022-05-03 03:17

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-0008"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-02-26T20:28:00Z",
    "severity": "MODERATE"
  },
  "details": "Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the \"Master Secret\", which results in a heap-based overflow.",
  "id": "GHSA-g474-6mpq-jjm3",
  "modified": "2022-05-03T03:17:50Z",
  "published": "2022-05-03T03:17:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0008"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=364319"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32666"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1081"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1103"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10502"
    },
    {
      "type": "WEB",
      "url": "http://fedoranews.org/cms/node/2709"
    },
    {
      "type": "WEB",
      "url": "http://fedoranews.org/cms/node/2711"
    },
    {
      "type": "WEB",
      "url": "http://fedoranews.org/cms/node/2713"
    },
    {
      "type": "WEB",
      "url": "http://fedoranews.org/cms/node/2728"
    },
    {
      "type": "WEB",
      "url": "http://fedoranews.org/cms/node/2747"
    },
    {
      "type": "WEB",
      "url": "http://fedoranews.org/cms/node/2749"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
    },
    {
      "type": "WEB",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482"
    },
    {
      "type": "WEB",
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24205"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24238"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24252"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24253"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24277"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24287"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24290"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24293"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24320"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24328"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24333"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24342"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24343"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24384"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24389"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24395"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24406"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24410"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24455"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24456"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24457"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24522"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24562"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24650"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24703"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25588"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25597"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200703-18.xml"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.363947"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2007/dsa-1336"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/377812"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:052"
    },
    {
      "type": "WEB",
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-06.html"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/32105"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/22694"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/64758"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1017696"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-428-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-431-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/0718"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/0719"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/1165"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/2141"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2007-0008

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-0008

Aliases

CVE-2007-0008

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-0008",
    "description": "Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the \"Master Secret\", which results in a heap-based overflow.",
    "id": "GSD-2007-0008",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-0008.html",
      "https://www.debian.org/security/2007/dsa-1336",
      "https://access.redhat.com/errata/RHSA-2007:0108",
      "https://access.redhat.com/errata/RHSA-2007:0097",
      "https://access.redhat.com/errata/RHSA-2007:0079",
      "https://access.redhat.com/errata/RHSA-2007:0078",
      "https://access.redhat.com/errata/RHSA-2007:0077",
      "https://linux.oracle.com/cve/CVE-2007-0008.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-0008"
      ],
      "details": "Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the \"Master Secret\", which results in a heap-based overflow.",
      "id": "GSD-2007-0008",
      "modified": "2023-12-13T01:21:35.566134Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2007-0008",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the \"Master Secret\", which results in a heap-based overflow."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc",
            "refsource": "MISC",
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
          },
          {
            "name": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc",
            "refsource": "MISC",
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
          },
          {
            "name": "http://fedoranews.org/cms/node/2713",
            "refsource": "MISC",
            "url": "http://fedoranews.org/cms/node/2713"
          },
          {
            "name": "http://fedoranews.org/cms/node/2728",
            "refsource": "MISC",
            "url": "http://fedoranews.org/cms/node/2728"
          },
          {
            "name": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742",
            "refsource": "MISC",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
          },
          {
            "name": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html",
            "refsource": "MISC",
            "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
          },
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2007-0077.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
          },
          {
            "name": "http://secunia.com/advisories/24205",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24205"
          },
          {
            "name": "http://secunia.com/advisories/24238",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24238"
          },
          {
            "name": "http://secunia.com/advisories/24287",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24287"
          },
          {
            "name": "http://secunia.com/advisories/24290",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24290"
          },
          {
            "name": "http://secunia.com/advisories/24293",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24293"
          },
          {
            "name": "http://secunia.com/advisories/24320",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24320"
          },
          {
            "name": "http://secunia.com/advisories/24328",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24328"
          },
          {
            "name": "http://secunia.com/advisories/24333",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24333"
          },
          {
            "name": "http://secunia.com/advisories/24342",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24342"
          },
          {
            "name": "http://secunia.com/advisories/24343",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24343"
          },
          {
            "name": "http://secunia.com/advisories/24384",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24384"
          },
          {
            "name": "http://secunia.com/advisories/24395",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24395"
          },
          {
            "name": "http://secunia.com/advisories/24455",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24455"
          },
          {
            "name": "http://secunia.com/advisories/24457",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24457"
          },
          {
            "name": "http://secunia.com/advisories/24650",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24650"
          },
          {
            "name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131",
            "refsource": "MISC",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
          },
          {
            "name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851",
            "refsource": "MISC",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
          },
          {
            "name": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html",
            "refsource": "MISC",
            "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-0078.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-0079.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-0097.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-0108.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/461336/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/461809/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/bid/22694",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/22694"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-428-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-428-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/0718",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/0718"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-1081",
            "refsource": "MISC",
            "url": "https://issues.rpath.com/browse/RPL-1081"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-1103",
            "refsource": "MISC",
            "url": "https://issues.rpath.com/browse/RPL-1103"
          },
          {
            "name": "http://secunia.com/advisories/25588",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/25588"
          },
          {
            "name": "http://www.debian.org/security/2007/dsa-1336",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2007/dsa-1336"
          },
          {
            "name": "http://fedoranews.org/cms/node/2709",
            "refsource": "MISC",
            "url": "http://fedoranews.org/cms/node/2709"
          },
          {
            "name": "http://fedoranews.org/cms/node/2711",
            "refsource": "MISC",
            "url": "http://fedoranews.org/cms/node/2711"
          },
          {
            "name": "http://fedoranews.org/cms/node/2747",
            "refsource": "MISC",
            "url": "http://fedoranews.org/cms/node/2747"
          },
          {
            "name": "http://fedoranews.org/cms/node/2749",
            "refsource": "MISC",
            "url": "http://fedoranews.org/cms/node/2749"
          },
          {
            "name": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482",
            "refsource": "MISC",
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482"
          },
          {
            "name": "http://secunia.com/advisories/24252",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24252"
          },
          {
            "name": "http://secunia.com/advisories/24253",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24253"
          },
          {
            "name": "http://secunia.com/advisories/24277",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24277"
          },
          {
            "name": "http://secunia.com/advisories/24389",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24389"
          },
          {
            "name": "http://secunia.com/advisories/24406",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24406"
          },
          {
            "name": "http://secunia.com/advisories/24410",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24410"
          },
          {
            "name": "http://secunia.com/advisories/24456",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24456"
          },
          {
            "name": "http://secunia.com/advisories/24522",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24522"
          },
          {
            "name": "http://secunia.com/advisories/24562",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24562"
          },
          {
            "name": "http://secunia.com/advisories/24703",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24703"
          },
          {
            "name": "http://secunia.com/advisories/25597",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/25597"
          },
          {
            "name": "http://security.gentoo.org/glsa/glsa-200703-18.xml",
            "refsource": "MISC",
            "url": "http://security.gentoo.org/glsa/glsa-200703-18.xml"
          },
          {
            "name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.363947",
            "refsource": "MISC",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.363947"
          },
          {
            "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1",
            "refsource": "MISC",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1"
          },
          {
            "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1",
            "refsource": "MISC",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1"
          },
          {
            "name": "http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml",
            "refsource": "MISC",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml"
          },
          {
            "name": "http://www.kb.cert.org/vuls/id/377812",
            "refsource": "MISC",
            "url": "http://www.kb.cert.org/vuls/id/377812"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:052",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:052"
          },
          {
            "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-06.html",
            "refsource": "MISC",
            "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-06.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
            "refsource": "MISC",
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
          },
          {
            "name": "http://www.osvdb.org/32105",
            "refsource": "MISC",
            "url": "http://www.osvdb.org/32105"
          },
          {
            "name": "http://www.securityfocus.com/bid/64758",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/64758"
          },
          {
            "name": "http://www.securitytracker.com/id?1017696",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id?1017696"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-431-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-431-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/0719",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/0719"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/1165",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/1165"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/2141",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/2141"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=364319",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=364319"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32666",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32666"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10502",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10502"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.5.0.9",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.0.7",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.5.0.9",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-0008"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the \"Master Secret\", which results in a heap-based overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-189"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-06.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-06.html"
            },
            {
              "name": "20070223 Mozilla Network Security Services SSLv2 Client Integer Underflow Vulnerability",
              "refsource": "IDEFENSE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=364319",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=364319"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1081",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.rpath.com/browse/RPL-1081"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1103",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.rpath.com/browse/RPL-1103"
            },
            {
              "name": "FEDORA-2007-278",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://fedoranews.org/cms/node/2709"
            },
            {
              "name": "FEDORA-2007-279",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://fedoranews.org/cms/node/2711"
            },
            {
              "name": "FEDORA-2007-281",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://fedoranews.org/cms/node/2713"
            },
            {
              "name": "FEDORA-2007-293",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://fedoranews.org/cms/node/2728"
            },
            {
              "name": "GLSA-200703-18",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200703-18.xml"
            },
            {
              "name": "GLSA-200703-22",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml"
            },
            {
              "name": "MDKSA-2007:052",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:052"
            },
            {
              "name": "RHSA-2007:0079",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
            },
            {
              "name": "RHSA-2007:0077",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
            },
            {
              "name": "RHSA-2007:0078",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
            },
            {
              "name": "RHSA-2007:0097",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
            },
            {
              "name": "RHSA-2007:0108",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
            },
            {
              "name": "SUSE-SA:2007:019",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
            },
            {
              "name": "USN-428-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-428-1"
            },
            {
              "name": "USN-431-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-431-1"
            },
            {
              "name": "VU#377812",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/377812"
            },
            {
              "name": "22694",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/22694"
            },
            {
              "name": "32105",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/32105"
            },
            {
              "name": "1017696",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1017696"
            },
            {
              "name": "24238",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24238"
            },
            {
              "name": "24252",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24252"
            },
            {
              "name": "24253",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24253"
            },
            {
              "name": "24277",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24277"
            },
            {
              "name": "24287",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24287"
            },
            {
              "name": "24290",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24290"
            },
            {
              "name": "24205",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24205"
            },
            {
              "name": "24328",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24328"
            },
            {
              "name": "24333",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24333"
            },
            {
              "name": "24343",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24343"
            },
            {
              "name": "24320",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24320"
            },
            {
              "name": "24293",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24293"
            },
            {
              "name": "24395",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24395"
            },
            {
              "name": "24384",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24384"
            },
            {
              "name": "24389",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24389"
            },
            {
              "name": "24410",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24410"
            },
            {
              "name": "24522",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24522"
            },
            {
              "name": "24562",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24562"
            },
            {
              "name": "102856",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1"
            },
            {
              "name": "24703",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24703"
            },
            {
              "name": "20070301-01-P",
              "refsource": "SGI",
              "tags": [],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
            },
            {
              "name": "24650",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24650"
            },
            {
              "name": "DSA-1336",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2007/dsa-1336"
            },
            {
              "name": "FEDORA-2007-308",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://fedoranews.org/cms/node/2747"
            },
            {
              "name": "FEDORA-2007-309",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://fedoranews.org/cms/node/2749"
            },
            {
              "name": "MDKSA-2007:050",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
            },
            {
              "name": "20070202-01-P",
              "refsource": "SGI",
              "tags": [],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
            },
            {
              "name": "SSA:2007-066-03",
              "refsource": "SLACKWARE",
              "tags": [],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
            },
            {
              "name": "SSA:2007-066-04",
              "refsource": "SLACKWARE",
              "tags": [],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.363947"
            },
            {
              "name": "SSA:2007-066-05",
              "refsource": "SLACKWARE",
              "tags": [],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
            },
            {
              "name": "102945",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1"
            },
            {
              "name": "SUSE-SA:2007:022",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
            },
            {
              "name": "25597",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25597"
            },
            {
              "name": "24406",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/24406"
            },
            {
              "name": "24455",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/24455"
            },
            {
              "name": "24456",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/24456"
            },
            {
              "name": "24457",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/24457"
            },
            {
              "name": "24342",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/24342"
            },
            {
              "name": "25588",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25588"
            },
            {
              "name": "ADV-2007-2141",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/2141"
            },
            {
              "name": "ADV-2007-0718",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/0718"
            },
            {
              "name": "ADV-2007-0719",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/0719"
            },
            {
              "name": "ADV-2007-1165",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/1165"
            },
            {
              "name": "HPSBUX02153",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
            },
            {
              "name": "64758",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/64758"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
            },
            {
              "name": "nss-mastersecret-bo(32666)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32666"
            },
            {
              "name": "oval:org.mitre.oval:def:10502",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10502"
            },
            {
              "name": "20070303 rPSA-2007-0040-3 firefox thunderbird",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
            },
            {
              "name": "20070226 rPSA-2007-0040-1 firefox",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-16T16:29Z",
      "publishedDate": "2007-02-26T20:28Z"
    }
  }
}

FKIE_CVE-2007-0008

Vulnerability from fkie_nvd - Published: 2007-02-26 20:28 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
secalert@redhat.com	http://fedoranews.org/cms/node/2709
secalert@redhat.com	http://fedoranews.org/cms/node/2711
secalert@redhat.com	http://fedoranews.org/cms/node/2713
secalert@redhat.com	http://fedoranews.org/cms/node/2728
secalert@redhat.com	http://fedoranews.org/cms/node/2747
secalert@redhat.com	http://fedoranews.org/cms/node/2749
secalert@redhat.com	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
secalert@redhat.com	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482	Vendor Advisory
secalert@redhat.com	http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2007-0077.html
secalert@redhat.com	http://secunia.com/advisories/24205	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24238	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24252	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24253	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24277	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24287	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24290	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24293	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24320	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24328	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24333	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24342
secalert@redhat.com	http://secunia.com/advisories/24343	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24384	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24389	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24395	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24406
secalert@redhat.com	http://secunia.com/advisories/24410	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24455
secalert@redhat.com	http://secunia.com/advisories/24456
secalert@redhat.com	http://secunia.com/advisories/24457
secalert@redhat.com	http://secunia.com/advisories/24522	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24562	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24650	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24703	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/25588
secalert@redhat.com	http://secunia.com/advisories/25597
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200703-18.xml
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1336
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml
secalert@redhat.com	http://www.kb.cert.org/vuls/id/377812	US Government Resource
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:050
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:052
secalert@redhat.com	http://www.mozilla.org/security/announce/2007/mfsa2007-06.html	Patch, Vendor Advisory
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
secalert@redhat.com	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
secalert@redhat.com	http://www.osvdb.org/32105
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0078.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0079.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0097.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0108.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/461336/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/461809/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/22694
secalert@redhat.com	http://www.securityfocus.com/bid/64758
secalert@redhat.com	http://www.securitytracker.com/id?1017696
secalert@redhat.com	http://www.ubuntu.com/usn/usn-428-1
secalert@redhat.com	http://www.ubuntu.com/usn/usn-431-1
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/0718
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/0719
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/1165
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/2141
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=364319	Vendor Advisory
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/32666
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1081
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1103
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10502
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
af854a3a-2127-422b-91ae-364da2661108	http://fedoranews.org/cms/node/2709
af854a3a-2127-422b-91ae-364da2661108	http://fedoranews.org/cms/node/2711
af854a3a-2127-422b-91ae-364da2661108	http://fedoranews.org/cms/node/2713
af854a3a-2127-422b-91ae-364da2661108	http://fedoranews.org/cms/node/2728
af854a3a-2127-422b-91ae-364da2661108	http://fedoranews.org/cms/node/2747
af854a3a-2127-422b-91ae-364da2661108	http://fedoranews.org/cms/node/2749
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2007-0077.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24205	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24238	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24252	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24253	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24277	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24287	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24290	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24293	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24320	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24328	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24333	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24342
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24343	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24384	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24389	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24395	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24406
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24410	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24455
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24456
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24457
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24522	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24562	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24650	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24703	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25588
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25597
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200703-18.xml
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1336
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/377812	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:050
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:052
af854a3a-2127-422b-91ae-364da2661108	http://www.mozilla.org/security/announce/2007/mfsa2007-06.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/32105
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0078.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0079.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0097.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0108.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/461336/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/461809/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/22694
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/64758
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1017696
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-428-1
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-431-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0718
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0719
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1165
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2141
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=364319	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/32666
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1081
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1103
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10502

Impacted products

Vendor	Product	Version
mozilla	firefox	*
mozilla	firefox	0.1
mozilla	firefox	0.2
mozilla	firefox	0.3
mozilla	firefox	0.4
mozilla	firefox	0.5
mozilla	firefox	0.6
mozilla	firefox	0.6.1
mozilla	firefox	0.7
mozilla	firefox	0.7.1
mozilla	firefox	0.8
mozilla	firefox	0.9
mozilla	firefox	0.9
mozilla	firefox	0.9.1
mozilla	firefox	0.9.2
mozilla	firefox	0.9.3
mozilla	firefox	0.10
mozilla	firefox	0.10.1
mozilla	firefox	1.0
mozilla	firefox	1.0
mozilla	firefox	1.0.1
mozilla	firefox	1.0.2
mozilla	firefox	1.0.3
mozilla	firefox	1.0.4
mozilla	firefox	1.0.5
mozilla	firefox	1.0.6
mozilla	firefox	1.0.7
mozilla	firefox	1.0.8
mozilla	firefox	1.4.1
mozilla	firefox	1.5
mozilla	firefox	1.5.0.1
mozilla	firefox	1.5.0.2
mozilla	firefox	1.5.0.3
mozilla	firefox	1.5.0.4
mozilla	firefox	1.5.0.5
mozilla	firefox	1.5.0.6
mozilla	firefox	1.5.0.7
mozilla	firefox	1.5.0.8
mozilla	firefox	1.5.0.10
mozilla	firefox	1.5.0.11
mozilla	firefox	1.5.0.12
mozilla	firefox	2.0
mozilla	firefox	2.0.0.1
mozilla	network_security_services	3.11.2
mozilla	network_security_services	3.11.3
mozilla	network_security_services	3.11.4
mozilla	seamonkey	*
mozilla	seamonkey	1.0
mozilla	seamonkey	1.0.1
mozilla	seamonkey	1.0.2
mozilla	seamonkey	1.0.3
mozilla	seamonkey	1.0.4
mozilla	seamonkey	1.0.5
mozilla	seamonkey	1.0.6
mozilla	thunderbird	*
mozilla	thunderbird	0.1
mozilla	thunderbird	0.2
mozilla	thunderbird	0.3
mozilla	thunderbird	0.4
mozilla	thunderbird	0.5
mozilla	thunderbird	0.6
mozilla	thunderbird	0.7
mozilla	thunderbird	0.7.1
mozilla	thunderbird	0.7.2
mozilla	thunderbird	0.7.3
mozilla	thunderbird	0.8
mozilla	thunderbird	0.9
mozilla	thunderbird	1.0
mozilla	thunderbird	1.0.1
mozilla	thunderbird	1.0.2
mozilla	thunderbird	1.0.3
mozilla	thunderbird	1.0.4
mozilla	thunderbird	1.0.5
mozilla	thunderbird	1.0.6
mozilla	thunderbird	1.0.7
mozilla	thunderbird	1.0.8
mozilla	thunderbird	1.5
mozilla	thunderbird	1.5
mozilla	thunderbird	1.5.0.1
mozilla	thunderbird	1.5.0.2
mozilla	thunderbird	1.5.0.3
mozilla	thunderbird	1.5.0.4
mozilla	thunderbird	1.5.0.5
mozilla	thunderbird	1.5.0.6
mozilla	thunderbird	1.5.0.7
mozilla	thunderbird	1.5.0.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84199209-42FB-4812-B7AF-F99CEC3E4C76",
              "versionEndIncluding": "1.5.0.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C7AA88B-638A-451A-B235-A1A1444BE417",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C01AD7C-8470-47AB-B8AE-670E3A381E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E43F2F1-9252-4B44-8A61-D05305915A5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BB9D48B-DC7B-4D92-BB26-B6DE629A2506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A360D595-A829-4DDE-932E-9995626917E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E9B5349-FAA7-4CDA-9533-1AD1ACDFAC4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "07243837-C353-4C25-A5B1-4DA32807E97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B832C034-F793-415F-BFC8-D97A18BA6BC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "83CD1A13-66CB-49CC-BD84-5D8334DB774A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "93C142C5-3A85-432B-80D6-2E7B1B4694F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2434FCE7-A50B-4527-9970-C7224B31141C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*",
              "matchCriteriaId": "5633FB6E-D623-49D4-9858-4E20E64DE458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "429ECA02-DBCD-45FB-942C-CA4BC1BC8A72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5F0DC80-5473-465C-9D7F-9589F1B78E12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "567FF916-7DE0-403C-8528-7931A43E0D18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "010B34F4-910E-4515-990B-8E72DF009578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FAA1A89-E8D9-46D0-8E2C-9259920ACBFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*",
              "matchCriteriaId": "438AACF8-006F-4522-853F-30DBBABD8C15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F2938F2-A801-45E5-8E06-BE03DE03C8A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F18A45C0-419C-4723-AB7D-5880EF668CE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "84D15CE0-69DF-4EFD-801E-96A4D6AABEDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE203DE-6C0E-4FDE-9C3A-0E73430F17DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2F38886-C25A-4C6B-93E7-36461405BA99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C65D2670-F37F-48CB-804A-D35BB1C27D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8E5194-7B34-4802-BDA6-6A86EB5EDE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FABA5F56-99F7-4F8F-9CC1-5B0B2EB72922",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2917BD67-CE81-4B94-B241-D4A9DDA60319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F71436CF-F756-44E0-8E69-6951F6B3E54A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "582EE839-B83F-4908-9780-D0C92DC44FD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "824369CF-00A0-434E-94BC-71CA1317012C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3487FA64-BE04-42CA-861E-3DAC097D7D32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D956DC-C73B-439F-8D79-8239207CC76F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD5F88F-038C-4973-8391-C40C08573F8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F474C4B3-B85D-4059-B5D9-84238A642EC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BB4C26-42DC-48F7-B73B-4C88FD3D1E01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0679D9AD-ECEA-4C75-BFED-822F00A49628",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E18FC0-0C8C-4FA1-85B9-B868D00F002F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6521C877-63C9-4B6E-9FC9-1263FFBB7950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D949DF0A-CBC2-40E1-AE6C-60E6F58D2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5CDA57-1A50-4EDB-80E2-D3EBB44EA653",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "22D33486-4956-4E2C-BA16-FA269A9D02BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3104343E-93B6-4D4A-BC95-ED9F7E91FB6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "381313EF-DF84-4F66-9962-DE8F45029D79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "498716C3-FAA0-4156-8EAC-EF1F9A8C69F4",
              "versionEndIncluding": "1.5.0.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0618BD26-0EF5-4774-9131-B5ABD4CD302A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D604DAE-DF63-413C-9F49-FFC8E84699F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "11DE6185-09F4-48E3-9742-F9D8030B5774",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2E70864-E077-4CD6-A0E8-BC2C4C298A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "61E565E5-286D-4A68-B085-5659DFE59A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E2A68B4-9101-4AC5-9E82-EEB5A5405541",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA6C390-9BA7-4355-8C0A-CD68FF6AC236",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C75B125-E5BB-49A0-B12D-6CF40D8A5DB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "70DDB53E-7A12-4A08-8999-DB68E6DF901E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6514EDE8-7C78-4C72-A313-E0915D89E4EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5263F879-9B90-4582-B677-F133DEBE5259",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C256B73C-9ABC-43D4-8C57-09161BC9F923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B02389-0DCD-45BC-A09F-CB6B75940616",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "41AE4644-2D23-43EA-ABDA-7BE60EFD1EFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C169DA-26BC-42EE-817B-2F0685069495",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C99BAF7-B48E-4402-B2BF-EB07235E402E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F0C73F-291F-4A92-87B8-2269B5C1516D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0ADE8D7-B3C3-4490-9CD5-0263BBA75D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86FD617-E4FE-4F85-AAA4-4F968A9DEC9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "938B1260-74A7-4CFF-8086-415DCC284430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E28672BA-E3C2-40C3-80E1-95B7CDD089E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9308147C-0A23-48BC-BFA9-A49B9D73014E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the \"Master Secret\", which results in a heap-based overflow."
    },
    {
      "lang": "es",
      "value": "Un subdesbordamiento de enteros en el soporte SSLv2 en Mozilla Network Security Services (NSS) versiones anteriores a 3.11.5, como es usado por Firefox versiones anteriores a 1.5.0.10 y versiones 2.x anteriores a 2.0.0.2, SeaMonkey versiones anteriores a 1.0.8, Thunderbird versiones anteriores a 1.5.0.10, y ciertos productos de servidor de Sun Java System anteriores a 20070611, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un mensaje de servidor SSLv2 especialmente dise\u00f1ado que contiene una clave p\u00fablica que es demasiado corta para cifrar el \"Master Secret\", lo resulta en un desbordamiento en la regi\u00f3n heap de la memoria."
    }
  ],
  "id": "CVE-2007-0008",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-02-26T20:28:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://fedoranews.org/cms/node/2709"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://fedoranews.org/cms/node/2711"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://fedoranews.org/cms/node/2713"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://fedoranews.org/cms/node/2728"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://fedoranews.org/cms/node/2747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://fedoranews.org/cms/node/2749"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24205"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24238"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24252"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24253"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24277"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24287"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24290"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24293"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24320"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24328"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24333"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24342"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24343"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24384"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24395"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24406"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24410"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24455"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24456"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24457"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24522"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24562"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24650"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24703"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25588"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25597"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200703-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.363947"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1336"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/377812"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:052"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-06.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/32105"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/22694"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/64758"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1017696"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-428-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-431-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/0718"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/0719"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/1165"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2141"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=364319"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32666"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1081"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1103"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10502"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/cms/node/2709"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/cms/node/2711"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/cms/node/2713"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/cms/node/2728"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/cms/node/2747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/cms/node/2749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24205"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24238"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24252"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24253"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24277"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24290"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24293"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24320"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24342"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24384"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24395"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24406"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24410"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24455"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24456"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24457"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24522"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24562"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24650"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25588"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25597"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200703-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.338131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.363947"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.374851"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/377812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-06.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/32105"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/22694"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/64758"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-428-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-431-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0718"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0719"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1165"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=364319"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32666"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1103"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10502"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-0008 (GCVE-0-2007-0008)

CERTA-2007-AVI-102

Description

Solution

CERTA-2007-AVI-155

Description

Solution

GHSA-G474-6MPQ-JJM3

GSD-2007-0008

FKIE_CVE-2007-0008

Tags

Sightings

Nomenclature