Home > Vulnerability Database > CVE-2007-2868

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2007-2868

Date: May 31, 2007

Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corruption.

Severity Score

8.1

Related Resources (64)

Url: http://www.securityfocus.com/archive/1/471842/100/0/threaded

Url: http://fedoranews.org/cms/node/2747

Url: http://fedoranews.org/cms/node/2749

Url: http://www.novell.com/linux/security/advisories/2007_36_mozilla.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-2868

Url: http://www.redhat.com/support/errata/RHSA-2007-0401.html

Url: http://www.kb.cert.org/vuls/id/609956

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/34605

Url: http://secunia.com/advisories/24406

Url: http://secunia.com/advisories/25858

Url: http://secunia.com/advisories/25496

Url: http://www.redhat.com/support/errata/RHSA-2007-0400.html

Url: http://www.mozilla.org/security/announce/2007/mfsa2007-12.html

Url: http://www.securityfocus.com/archive/1/470172/100/200/threaded

Url: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947

Url: http://osvdb.org/35138

Url: http://secunia.com/advisories/25533

Url: http://secunia.com/advisories/25534

Url: http://www.ubuntu.com/usn/usn-468-1

Url: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

Url: http://www.securitytracker.com/id?1018153

Url: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579

Url: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857

Url: http://www.securitytracker.com/id?1018152

Url: http://www.securitytracker.com/id?1018151

Url: http://www.vupen.com/english/advisories/2007/3632

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2007:119

Url: http://secunia.com/advisories/25469

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2007:120

Url: http://www.securityfocus.com/bid/24242

Url: http://secunia.com/advisories/24456

Url: https://access.redhat.com/security/cve/CVE-2007-2868

Url: http://www.redhat.com/support/errata/RHSA-2007-0402.html

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-66-201505-1

Url: http://secunia.com/advisories/25664

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2007-2868

Url: http://www.debian.org/security/2007/dsa-1306

Url: http://www.debian.org/security/2007/dsa-1305

Url: http://www.debian.org/security/2007/dsa-1308

Url: https://issues.rpath.com/browse/RPL-1424

Url: http://www.debian.org/security/2007/dsa-1300

Url: http://secunia.com/advisories/25559

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103125-1

Url: http://secunia.com/advisories/25635

Url: http://www.vupen.com/english/advisories/2008/0082

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10711

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2007:131

Url: http://secunia.com/advisories/25750

Url: http://www.ubuntu.com/usn/usn-469-1

Url: http://secunia.com/advisories/25476

Url: http://secunia.com/advisories/28363

Url: http://secunia.com/advisories/25492

Url: http://secunia.com/advisories/25490

Url: http://secunia.com/advisories/25491

Url: http://www.vupen.com/english/advisories/2007/1994

Url: http://secunia.com/advisories/25647

Url: http://secunia.com/advisories/27427

Url: http://security.gentoo.org/glsa/glsa-200706-06.xml

Url: http://www.us-cert.gov/cas/techalerts/TA07-151A.html

Url: http://secunia.com/advisories/25489

Url: http://secunia.com/advisories/25644

Url: http://secunia.com/advisories/25685

Url: http://secunia.com/advisories/25488

Url: https://www.mend.io/vulnerability-database/CVE-2007-2868

Severity Score

8.1

Weakness Type (CWE)

Code Injection

CWE-94

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Do you need more information?

Contact Us