CVE-2007-1794

HIGH

Description

The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. NOTE: this issue might be related to CVE-2006-3805.

References

http://secunia.com/advisories/24624

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102865-1

http://www.vupen.com/english/advisories/2007/1178

Details

Source: MITRE

Published: 2007-04-02

Updated: 2018-10-30

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
27941Ubuntu 5.04 / 5.10 : mozilla vulnerabilities (USN-361-1)NessusUbuntu Local Security Checks
critical
27930Ubuntu 5.10 : mozilla-thunderbird vulnerabilities (USN-350-1)NessusUbuntu Local Security Checks
critical
27908Ubuntu 6.06 LTS : mozilla-thunderbird vulnerabilities (USN-329-1)NessusUbuntu Local Security Checks
critical
27905Ubuntu 6.06 LTS : firefox vulnerabilities (USN-327-1)NessusUbuntu Local Security Checks
critical
23894Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:146)NessusMandriva Local Security Checks
critical
23892Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2006:143-1)NessusMandriva Local Security Checks
critical
23773Solaris 9 (x86) : 120672-08NessusSolaris Local Security Checks
critical
23772Solaris 8 (x86) : 120672-08NessusSolaris Local Security Checks
critical
22987Solaris 10 (x86) : 119116-35 (deprecated)NessusSolaris Local Security Checks
critical
22954Solaris 10 (sparc) : 119115-36 (deprecated)NessusSolaris Local Security Checks
critical