Vulnerability Details : CVE-2007-0777
The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.
Vulnerability category: Overflow, Memory Corruption, Execute code, Denial of service
Products affected by CVE-2007-0777
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-0777
- 96.66%: Probability of exploitation activity in the next 30 days
- ~ 100 %: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-0777
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST | |
CWE ids for CVE-2007-0777
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-0777
-
http://www.redhat.com/support/errata/RHSA-2007-0078.html
Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2007-0097.html
Third Party Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/32699
Third Party Advisory;VDB Entry
-
http://www.vupen.com/english/advisories/2008/0083
Third Party Advisory
-
http://www.ubuntu.com/usn/usn-431-1
Third Party Advisory
-
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
Broken Link
-
http://fedoranews.org/cms/node/2728
Broken Link
-
http://www.vupen.com/english/advisories/2007/0719
Third Party Advisory
-
http://fedoranews.org/cms/node/2747
Broken Link
-
http://www.mozilla.org/security/announce/2007/mfsa2007-01.html
Patch;Vendor Advisory
-
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
Broken Link
-
http://www.securityfocus.com/bid/22694
Third Party Advisory;VDB Entry
-
http://www.redhat.com/support/errata/RHSA-2007-0079.html
Third Party Advisory
-
http://fedoranews.org/cms/node/2713
Broken Link
-
http://www.vupen.com/english/advisories/2007/0718
Third Party Advisory
-
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
Broken Link
-
http://security.gentoo.org/glsa/glsa-200703-18.xml
Third Party Advisory
-
http://www.mandriva.com/security/advisories?name=MDKSA-2007:050
Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2007-0108.html
Third Party Advisory
-
http://security.gentoo.org/glsa/glsa-200703-04.xml
Mozilla Firefox: Multiple vulnerabilities (GLSA 200703-04) — Gentoo security
Third Party Advisory
-
http://www.mandriva.com/security/advisories?name=MDKSA-2007:052
Third Party Advisory
-
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947
Mailing List;Third Party Advisory
-
http://www.securityfocus.com/archive/1/461336/100/0/threaded
VDB Entry;Third Party Advisory
-
http://www.kb.cert.org/vuls/id/269484
Third Party Advisory;US Government Resource
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11331
Third Party Advisory
-
http://www.ubuntu.com/usn/usn-428-1
Third Party Advisory
-
http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml
SeaMonkey: Multiple vulnerabilities (GLSA 200703-08) — Gentoo security
Third Party Advisory
-
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
Mailing List;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2007-0077.html
Third Party Advisory
-
https://issues.rpath.com/browse/RPL-1081
Broken Link
-
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
Broken Link
-
http://www.securityfocus.com/archive/1/461809/100/0/threaded
Third Party Advisory;VDB Entry
-
http://www.securitytracker.com/id?1017698
VDB Entry;Third Party Advisory
-
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
Mailing List;Third Party Advisory
-
http://fedoranews.org/cms/node/2749
Broken Link
-
https://issues.rpath.com/browse/RPL-1103
Broken Link
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
Broken Link