Home > Vulnerability Database > CVE-2007-2867

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2007-2867

Date: May 31, 2007

Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointers, heap corruption, signed/unsigned, and other issues.

Severity Score

8.1

Related Resources (64)

Url: http://www.securityfocus.com/archive/1/471842/100/0/threaded

Url: http://fedoranews.org/cms/node/2747

Url: http://fedoranews.org/cms/node/2749

Url: http://www.novell.com/linux/security/advisories/2007_36_mozilla.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10066

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-2867

Url: http://www.redhat.com/support/errata/RHSA-2007-0401.html

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/34604

Url: http://secunia.com/advisories/24406

Url: http://osvdb.org/35134

Url: http://secunia.com/advisories/25858

Url: http://secunia.com/advisories/25496

Url: http://www.redhat.com/support/errata/RHSA-2007-0400.html

Url: http://www.mozilla.org/security/announce/2007/mfsa2007-12.html

Url: http://www.securityfocus.com/archive/1/470172/100/200/threaded

Url: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947

Url: http://secunia.com/advisories/25533

Url: http://secunia.com/advisories/25534

Url: http://www.ubuntu.com/usn/usn-468-1

Url: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

Url: http://www.securitytracker.com/id?1018153

Url: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579

Url: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857

Url: http://www.securitytracker.com/id?1018151

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2007:119

Url: http://secunia.com/advisories/25469

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103136-1

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2007:126

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2007:120

Url: http://www.securityfocus.com/bid/24242

Url: http://secunia.com/advisories/24456

Url: http://www.redhat.com/support/errata/RHSA-2007-0402.html

Url: http://secunia.com/advisories/25664

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2007-2867

Url: https://access.redhat.com/security/cve/CVE-2007-2867

Url: http://www.debian.org/security/2007/dsa-1306

Url: http://www.debian.org/security/2007/dsa-1305

Url: http://www.debian.org/security/2007/dsa-1308

Url: https://issues.rpath.com/browse/RPL-1424

Url: http://www.vupen.com/english/advisories/2007/3664

Url: http://www.debian.org/security/2007/dsa-1300

Url: http://secunia.com/advisories/25559

Url: http://secunia.com/advisories/25635

Url: http://www.vupen.com/english/advisories/2008/0082

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-66-201532-1

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2007:131

Url: http://secunia.com/advisories/25750

Url: http://www.ubuntu.com/usn/usn-469-1

Url: http://secunia.com/advisories/25476

Url: http://secunia.com/advisories/28363

Url: http://secunia.com/advisories/25492

Url: http://secunia.com/advisories/25490

Url: http://secunia.com/advisories/25491

Url: http://www.vupen.com/english/advisories/2007/1994

Url: http://www.kb.cert.org/vuls/id/751636

Url: http://secunia.com/advisories/25647

Url: http://security.gentoo.org/glsa/glsa-200706-06.xml

Url: http://www.us-cert.gov/cas/techalerts/TA07-151A.html

Url: http://secunia.com/advisories/25489

Url: http://secunia.com/advisories/25644

Url: http://secunia.com/advisories/25685

Url: http://secunia.com/advisories/27423

Url: http://secunia.com/advisories/25488

Url: https://www.mend.io/vulnerability-database/CVE-2007-2867

Severity Score

8.1

Weakness Type (CWE)

Buffer Errors

CWE-119

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Do you need more information?

Contact Us