Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-0009

Опубликовано: 26 фев. 2007
Источник: nvd
CVSS2: 6.8
EPSS Средний

Описание

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Версия от 1.5 (включая) до 1.5.0.10 (исключая)
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Версия от 2.0 (включая) до 2.0.0.2 (исключая)
cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*
Версия до 3.11.5 (исключая)
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Версия до 1.0.8 (исключая)
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
Версия до 1.5.0.10 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*

EPSS

Процентиль: 98%
0.48677
Средний

6.8 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2007-0009

ubuntu
больше 18 лет назад

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.

redhat логотип

CVE-2007-0009

redhat
больше 18 лет назад

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.

debian логотип

CVE-2007-0009

debian
больше 18 лет назад

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Se ...

github логотип

GHSA-f72q-g9vm-gpmq

github
больше 3 лет назад

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.

EPSS

Процентиль: 98%
0.48677
Средний

6.8 Medium

CVSS2

Дефекты

CWE-119