// For flags

CVE-2007-0777

 

Severity Score

9.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.

El motor JavaScript de Mozilla Firefox anterior a 1.5.0.10 y 2.x anterior a 2.0.0.2, Thunderbird anterior a 1.5.0.10, y SeaMonkey anterior a 1.0.8 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante determinados vectores que disparan una corrupción de memoria.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-02-06 CVE Reserved
  • 2007-02-26 CVE Published
  • 2024-02-07 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (63)
URL Tag Source
http://secunia.com/advisories/24205 Third Party Advisory
http://secunia.com/advisories/24238 Third Party Advisory
http://secunia.com/advisories/24252 Third Party Advisory
http://secunia.com/advisories/24287 Third Party Advisory
http://secunia.com/advisories/24290 Third Party Advisory
http://secunia.com/advisories/24293 Third Party Advisory
http://secunia.com/advisories/24320 Third Party Advisory
http://secunia.com/advisories/24328 Third Party Advisory
http://secunia.com/advisories/24333 Third Party Advisory
http://secunia.com/advisories/24342 Third Party Advisory
http://secunia.com/advisories/24343 Third Party Advisory
http://secunia.com/advisories/24384 Third Party Advisory
http://secunia.com/advisories/24389 Third Party Advisory
http://secunia.com/advisories/24393 Third Party Advisory
http://secunia.com/advisories/24395 Third Party Advisory
http://secunia.com/advisories/24406 Third Party Advisory
http://secunia.com/advisories/24410 Third Party Advisory
http://secunia.com/advisories/24437 Third Party Advisory
http://secunia.com/advisories/24455 Third Party Advisory
http://secunia.com/advisories/24456 Third Party Advisory
http://secunia.com/advisories/24457 Third Party Advisory
http://secunia.com/advisories/24522 Third Party Advisory
http://secunia.com/advisories/24650 Third Party Advisory
http://www.kb.cert.org/vuls/id/269484 Third Party Advisory
http://www.osvdb.org/32115 Broken Link
http://www.securityfocus.com/archive/1/461336/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/461809/100/0/threaded Mailing List
http://www.securityfocus.com/bid/22694 Third Party Advisory
http://www.securitytracker.com/id?1017698 Third Party Advisory
http://www.vupen.com/english/advisories/2007/0718 Third Party Advisory
http://www.vupen.com/english/advisories/2007/0719 Third Party Advisory
http://www.vupen.com/english/advisories/2008/0083 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/32699 Third Party Advisory
https://issues.rpath.com/browse/RPL-1081 Broken Link
https://issues.rpath.com/browse/RPL-1103 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11331 Signature
URL Date SRC
URL Date SRC
http://www.mozilla.org/security/announce/2007/mfsa2007-01.html 2019-10-09
URL Date SRC
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc 2019-10-09
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc 2019-10-09
http://fedoranews.org/cms/node/2713 2019-10-09
http://fedoranews.org/cms/node/2728 2019-10-09
http://fedoranews.org/cms/node/2747 2019-10-09
http://fedoranews.org/cms/node/2749 2019-10-09
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 2019-10-09
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html 2019-10-09
http://rhn.redhat.com/errata/RHSA-2007-0077.html 2019-10-09
http://security.gentoo.org/glsa/glsa-200703-04.xml 2019-10-09
http://security.gentoo.org/glsa/glsa-200703-18.xml 2019-10-09
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131 2019-10-09
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947 2019-10-09
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851 2019-10-09
http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml 2019-10-09
http://www.mandriva.com/security/advisories?name=MDKSA-2007:050 2019-10-09
http://www.mandriva.com/security/advisories?name=MDKSA-2007:052 2019-10-09
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html 2019-10-09
http://www.redhat.com/support/errata/RHSA-2007-0078.html 2019-10-09
http://www.redhat.com/support/errata/RHSA-2007-0079.html 2019-10-09
http://www.redhat.com/support/errata/RHSA-2007-0097.html 2019-10-09
http://www.redhat.com/support/errata/RHSA-2007-0108.html 2019-10-09
http://www.ubuntu.com/usn/usn-428-1 2019-10-09
http://www.ubuntu.com/usn/usn-431-1 2019-10-09
https://access.redhat.com/security/cve/CVE-2007-0777 2007-03-14
https://bugzilla.redhat.com/show_bug.cgi?id=1618275 2007-03-14
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 >= 1.5 < 1.5.0.10
Search vendor "Mozilla" for product "Firefox" and version " >= 1.5 < 1.5.0.10"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 >= 2.0 < 2.0.0.2
Search vendor "Mozilla" for product "Firefox" and version " >= 2.0 < 2.0.0.2"
-
Affected
Mozilla
Search vendor "Mozilla"
 Seamonkey
Search vendor "Mozilla" for product "Seamonkey"
 < 1.0.8
Search vendor "Mozilla" for product "Seamonkey" and version " < 1.0.8"
-
Affected
Mozilla
Search vendor "Mozilla"
 Thunderbird
Search vendor "Mozilla" for product "Thunderbird"
 < 1.5.0.10
Search vendor "Mozilla" for product "Thunderbird" and version " < 1.5.0.10"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 5.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "5.10"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 6.06
Search vendor "Canonical" for product "Ubuntu Linux" and version "6.06"
lts
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 6.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "6.10"
-
Affected