9.3

CVE-2007-0777

EPSS 41.89%
Published 26.02.2007 19:28:00
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.

Affected products Warnungen 0 Metrics 2 CWE 1 References 64

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version >= 1.5 < 1.5.0.10

Mozilla ≫ Firefox Version >= 2.0 < 2.0.0.2

Mozilla ≫ Seamonkey Version < 1.0.8

Mozilla ≫ Thunderbird Version < 1.5.0.10

Canonical ≫ Ubuntu Linux Version5.10

Canonical ≫ Ubuntu Linux Version6.06 SwEditionlts

Canonical ≫ Ubuntu Linux Version6.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	41.89%	0.971

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.vupen.com/english/advisories/2008/0083

Third Party Advisory

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

Broken Link

ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc

Broken Link

ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc

Broken Link

http://fedoranews.org/cms/node/2713

Broken Link

http://fedoranews.org/cms/node/2728

Broken Link

http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html

Broken Link

http://rhn.redhat.com/errata/RHSA-2007-0077.html

Third Party Advisory

http://secunia.com/advisories/24205

Third Party Advisory

http://secunia.com/advisories/24238

Third Party Advisory

http://secunia.com/advisories/24287

Third Party Advisory

http://secunia.com/advisories/24290

Third Party Advisory

http://secunia.com/advisories/24293

Third Party Advisory

http://secunia.com/advisories/24320

Third Party Advisory

http://secunia.com/advisories/24328

Third Party Advisory

http://secunia.com/advisories/24333

Third Party Advisory

http://secunia.com/advisories/24342

Third Party Advisory

http://secunia.com/advisories/24343

Third Party Advisory

http://secunia.com/advisories/24384

Third Party Advisory

http://secunia.com/advisories/24393

Third Party Advisory

http://secunia.com/advisories/24395

Third Party Advisory

http://secunia.com/advisories/24437

Third Party Advisory

http://secunia.com/advisories/24457

Third Party Advisory

http://secunia.com/advisories/24650

Third Party Advisory

http://security.gentoo.org/glsa/glsa-200703-04.xml

Third Party Advisory

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131

Third Party Advisory

Mailing List

http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2007:050

Third Party Advisory

http://www.novell.com/linux/security/advisories/2007_22_mozilla.html

Broken Link

http://www.redhat.com/support/errata/RHSA-2007-0078.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2007-0079.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2007-0097.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2007-0108.html

Third Party Advisory

http://www.securityfocus.com/archive/1/461336/100/0/threaded

Third Party Advisory

VDB Entry

http://www.securityfocus.com/archive/1/461809/100/0/threaded

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/22694

Third Party Advisory

VDB Entry

http://www.ubuntu.com/usn/usn-428-1

Third Party Advisory

http://www.vupen.com/english/advisories/2007/0718

Third Party Advisory

https://issues.rpath.com/browse/RPL-1081

Broken Link

https://issues.rpath.com/browse/RPL-1103

Broken Link

http://secunia.com/advisories/24455

Third Party Advisory

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851

Third Party Advisory

Mailing List

http://fedoranews.org/cms/node/2747

Broken Link

http://fedoranews.org/cms/node/2749

Broken Link

http://secunia.com/advisories/24252

Third Party Advisory

http://secunia.com/advisories/24389

Third Party Advisory

http://secunia.com/advisories/24406

Third Party Advisory

http://secunia.com/advisories/24410

Third Party Advisory

http://secunia.com/advisories/24456

Third Party Advisory

http://secunia.com/advisories/24522

Third Party Advisory

http://security.gentoo.org/glsa/glsa-200703-18.xml

Third Party Advisory

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947

Third Party Advisory

Mailing List

http://www.mandriva.com/security/advisories?name=MDKSA-2007:052

Third Party Advisory

http://www.mozilla.org/security/announce/2007/mfsa2007-01.html

Patch

Vendor Advisory

http://www.securitytracker.com/id?1017698

Third Party Advisory

VDB Entry

http://www.ubuntu.com/usn/usn-431-1

Third Party Advisory

http://www.vupen.com/english/advisories/2007/0719

Third Party Advisory

http://www.kb.cert.org/vuls/id/269484

Third Party Advisory

US Government Resource

http://www.osvdb.org/32115

Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/32699

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11331

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2007-0777

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0777

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0777

EUVD