CVE-2007-0008

MEDIUM

Description

Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow.

References

ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc

ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc

http://fedoranews.org/cms/node/2709

http://fedoranews.org/cms/node/2711

http://fedoranews.org/cms/node/2713

http://fedoranews.org/cms/node/2728

http://fedoranews.org/cms/node/2747

http://fedoranews.org/cms/node/2749

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482

http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html

http://rhn.redhat.com/errata/RHSA-2007-0077.html

http://secunia.com/advisories/24205

http://secunia.com/advisories/24238

http://secunia.com/advisories/24252

http://secunia.com/advisories/24253

http://secunia.com/advisories/24277

http://secunia.com/advisories/24287

http://secunia.com/advisories/24290

http://secunia.com/advisories/24293

http://secunia.com/advisories/24320

http://secunia.com/advisories/24328

http://secunia.com/advisories/24333

http://secunia.com/advisories/24342

http://secunia.com/advisories/24343

http://secunia.com/advisories/24384

http://secunia.com/advisories/24389

http://secunia.com/advisories/24395

http://secunia.com/advisories/24406

http://secunia.com/advisories/24410

http://secunia.com/advisories/24455

http://secunia.com/advisories/24456

http://secunia.com/advisories/24457

http://secunia.com/advisories/24522

http://secunia.com/advisories/24562

http://secunia.com/advisories/24650

http://secunia.com/advisories/24703

http://secunia.com/advisories/25588

http://secunia.com/advisories/25597

http://security.gentoo.org/glsa/glsa-200703-18.xml

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1

http://www.debian.org/security/2007/dsa-1336

http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml

http://www.kb.cert.org/vuls/id/377812

http://www.mandriva.com/security/advisories?name=MDKSA-2007:050

http://www.mandriva.com/security/advisories?name=MDKSA-2007:052

http://www.mozilla.org/security/announce/2007/mfsa2007-06.html

http://www.novell.com/linux/security/advisories/2007_22_mozilla.html

http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

http://www.osvdb.org/32105

http://www.redhat.com/support/errata/RHSA-2007-0078.html

http://www.redhat.com/support/errata/RHSA-2007-0079.html

http://www.redhat.com/support/errata/RHSA-2007-0097.html

http://www.redhat.com/support/errata/RHSA-2007-0108.html

http://www.securityfocus.com/archive/1/461336/100/0/threaded

http://www.securityfocus.com/archive/1/461809/100/0/threaded

http://www.securityfocus.com/bid/22694

http://www.securityfocus.com/bid/64758

http://www.securitytracker.com/id?1017696

http://www.ubuntu.com/usn/usn-428-1

http://www.ubuntu.com/usn/usn-431-1

http://www.vupen.com/english/advisories/2007/0718

http://www.vupen.com/english/advisories/2007/0719

http://www.vupen.com/english/advisories/2007/1165

http://www.vupen.com/english/advisories/2007/2141

https://bugzilla.mozilla.org/show_bug.cgi?id=364319

https://exchange.xforce.ibmcloud.com/vulnerabilities/32666

https://issues.rpath.com/browse/RPL-1081

https://issues.rpath.com/browse/RPL-1103

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10502

Details

Source: MITRE

Published: 2007-02-26

Updated: 2018-10-16

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM