Описание
Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corruption.
Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corruption.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-2868
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34605
- https://issues.rpath.com/browse/RPL-1424
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10711
- http://fedoranews.org/cms/node/2747
- http://fedoranews.org/cms/node/2749
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
- http://osvdb.org/35138
- http://secunia.com/advisories/24406
- http://secunia.com/advisories/24456
- http://secunia.com/advisories/25469
- http://secunia.com/advisories/25476
- http://secunia.com/advisories/25488
- http://secunia.com/advisories/25489
- http://secunia.com/advisories/25490
- http://secunia.com/advisories/25491
- http://secunia.com/advisories/25492
- http://secunia.com/advisories/25496
- http://secunia.com/advisories/25533
- http://secunia.com/advisories/25534
- http://secunia.com/advisories/25559
- http://secunia.com/advisories/25635
- http://secunia.com/advisories/25644
- http://secunia.com/advisories/25647
- http://secunia.com/advisories/25664
- http://secunia.com/advisories/25685
- http://secunia.com/advisories/25750
- http://secunia.com/advisories/25858
- http://secunia.com/advisories/27427
- http://secunia.com/advisories/28363
- http://security.gentoo.org/glsa/glsa-200706-06.xml
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103125-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-201505-1
- http://www.debian.org/security/2007/dsa-1300
- http://www.debian.org/security/2007/dsa-1305
- http://www.debian.org/security/2007/dsa-1306
- http://www.debian.org/security/2007/dsa-1308
- http://www.kb.cert.org/vuls/id/609956
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:119
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:120
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:131
- http://www.mozilla.org/security/announce/2007/mfsa2007-12.html
- http://www.novell.com/linux/security/advisories/2007_36_mozilla.html
- http://www.redhat.com/support/errata/RHSA-2007-0400.html
- http://www.redhat.com/support/errata/RHSA-2007-0401.html
- http://www.redhat.com/support/errata/RHSA-2007-0402.html
- http://www.securityfocus.com/archive/1/470172/100/200/threaded
- http://www.securityfocus.com/archive/1/471842/100/0/threaded
- http://www.securityfocus.com/bid/24242
- http://www.securitytracker.com/id?1018151
- http://www.securitytracker.com/id?1018152
- http://www.securitytracker.com/id?1018153
- http://www.ubuntu.com/usn/usn-468-1
- http://www.ubuntu.com/usn/usn-469-1
- http://www.us-cert.gov/cas/techalerts/TA07-151A.html
- http://www.vupen.com/english/advisories/2007/1994
- http://www.vupen.com/english/advisories/2007/3632
- http://www.vupen.com/english/advisories/2008/0082
Связанные уязвимости
Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corruption.
Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corruption.
Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corruption.
Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox ...
ELSA-2007-0400: Critical: firefox security update (CRITICAL)