CVE-2007-0008

Current Description

Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow.

Basic Data

PublishedFebruary 26, 2007
Last ModifiedOctober 16, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-189
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score6.8
SeverityMEDIUM
Exploitability Score8.6
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegetrue

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationMozillaFirefox0.1*******
    2.3ApplicationMozillaFirefox0.2*******
    2.3ApplicationMozillaFirefox0.3*******
    2.3ApplicationMozillaFirefox0.4*******
    2.3ApplicationMozillaFirefox0.5*******
    2.3ApplicationMozillaFirefox0.6*******
    2.3ApplicationMozillaFirefox0.6.1*******
    2.3ApplicationMozillaFirefox0.7*******
    2.3ApplicationMozillaFirefox0.7.1*******
    2.3ApplicationMozillaFirefox0.8*******
    2.3ApplicationMozillaFirefox0.9*******
    2.3ApplicationMozillaFirefox0.9rc******
    2.3ApplicationMozillaFirefox0.9.1*******
    2.3ApplicationMozillaFirefox0.9.2*******
    2.3ApplicationMozillaFirefox0.9.3*******
    2.3ApplicationMozillaFirefox0.10*******
    2.3ApplicationMozillaFirefox0.10.1*******
    2.3ApplicationMozillaFirefox1.0*******
    2.3ApplicationMozillaFirefox1.0preview_release******
    2.3ApplicationMozillaFirefox1.0.1*******
    2.3ApplicationMozillaFirefox1.0.2*******
    2.3ApplicationMozillaFirefox1.0.3*******
    2.3ApplicationMozillaFirefox1.0.4*******
    2.3ApplicationMozillaFirefox1.0.5*******
    2.3ApplicationMozillaFirefox1.0.6*******
    2.3ApplicationMozillaFirefox1.0.7*******
    2.3ApplicationMozillaFirefox1.0.8*******
    2.3ApplicationMozillaFirefox1.4.1*******
    2.3ApplicationMozillaFirefox1.5*******
    2.3ApplicationMozillaFirefox1.5.0.1*******
    2.3ApplicationMozillaFirefox1.5.0.2*******
    2.3ApplicationMozillaFirefox1.5.0.3*******
    2.3ApplicationMozillaFirefox1.5.0.4*******
    2.3ApplicationMozillaFirefox1.5.0.5*******
    2.3ApplicationMozillaFirefox1.5.0.6*******
    2.3ApplicationMozillaFirefox1.5.0.7*******
    2.3ApplicationMozillaFirefox1.5.0.8*******
    2.3ApplicationMozillaFirefox********1.5.0.9
    2.3ApplicationMozillaFirefox1.5.0.10*******
    2.3ApplicationMozillaFirefox1.5.0.11*******
    2.3ApplicationMozillaFirefox1.5.0.12*******
    2.3ApplicationMozillaFirefox2.0*******
    2.3ApplicationMozillaFirefox2.0.0.1*******
    2.3ApplicationMozillaNetwork Security Services3.11.2*******
    2.3ApplicationMozillaNetwork Security Services3.11.3*******
    2.3ApplicationMozillaNetwork Security Services3.11.4*******
    2.3ApplicationMozillaSeamonkey1.0*******
    2.3ApplicationMozillaSeamonkey1.0.1*******
    2.3ApplicationMozillaSeamonkey1.0.2*******
    2.3ApplicationMozillaSeamonkey1.0.3*******
    2.3ApplicationMozillaSeamonkey1.0.4*******
    2.3ApplicationMozillaSeamonkey1.0.5*******
    2.3ApplicationMozillaSeamonkey1.0.6*******
    2.3ApplicationMozillaSeamonkey********1.0.7
    2.3ApplicationMozillaThunderbird0.1*******
    2.3ApplicationMozillaThunderbird0.2*******
    2.3ApplicationMozillaThunderbird0.3*******
    2.3ApplicationMozillaThunderbird0.4*******
    2.3ApplicationMozillaThunderbird0.5*******
    2.3ApplicationMozillaThunderbird0.6*******
    2.3ApplicationMozillaThunderbird0.7*******
    2.3ApplicationMozillaThunderbird0.7.1*******
    2.3ApplicationMozillaThunderbird0.7.2*******
    2.3ApplicationMozillaThunderbird0.7.3*******
    2.3ApplicationMozillaThunderbird0.8*******
    2.3ApplicationMozillaThunderbird0.9*******
    2.3ApplicationMozillaThunderbird1.0*******
    2.3ApplicationMozillaThunderbird1.0.1*******
    2.3ApplicationMozillaThunderbird1.0.2*******
    2.3ApplicationMozillaThunderbird1.0.3*******
    2.3ApplicationMozillaThunderbird1.0.4*******
    2.3ApplicationMozillaThunderbird1.0.5*******
    2.3ApplicationMozillaThunderbird1.0.6*******
    2.3ApplicationMozillaThunderbird1.0.7*******
    2.3ApplicationMozillaThunderbird1.0.8*******
    2.3ApplicationMozillaThunderbird1.5*******
    2.3ApplicationMozillaThunderbird1.5beta2******
    2.3ApplicationMozillaThunderbird1.5.0.1*******
    2.3ApplicationMozillaThunderbird1.5.0.2*******
    2.3ApplicationMozillaThunderbird1.5.0.3*******
    2.3ApplicationMozillaThunderbird1.5.0.4*******
    2.3ApplicationMozillaThunderbird1.5.0.5*******
    2.3ApplicationMozillaThunderbird1.5.0.6*******
    2.3ApplicationMozillaThunderbird1.5.0.7*******
    2.3ApplicationMozillaThunderbird1.5.0.8*******
    2.3ApplicationMozillaThunderbird********1.5.0.9

Vulnerable Software List

VendorProductVersions
Mozilla Firefox *, 0.1, 0.10, 0.10.1, 0.2, 0.3, 0.4, 0.5, 0.6, 0.6.1, 0.7, 0.7.1, 0.8, 0.9, 0.9.1, 0.9.2, 0.9.3, 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.8, 1.4.1, 1.5, 1.5.0.1, 1.5.0.10, 1.5.0.11, 1.5.0.12, 1.5.0.2, 1.5.0.3, 1.5.0.4, 1.5.0.5, 1.5.0.6, 1.5.0.7, 1.5.0.8, 2.0, 2.0.0.1
Mozilla Thunderbird *, 0.1, 0.2, 0.3, 0.4, 0.5, 0.6, 0.7, 0.7.1, 0.7.2, 0.7.3, 0.8, 0.9, 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.8, 1.5, 1.5.0.1, 1.5.0.2, 1.5.0.3, 1.5.0.4, 1.5.0.5, 1.5.0.6, 1.5.0.7, 1.5.0.8
Mozilla Seamonkey *, 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6
Mozilla Network Security Services 3.11.2, 3.11.3, 3.11.4

References

NameSourceURLTags
20070202-01-Pftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.ascSGI
20070301-01-Pftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.ascSGI
FEDORA-2007-278http://fedoranews.org/cms/node/2709FEDORA
FEDORA-2007-279http://fedoranews.org/cms/node/2711FEDORA
FEDORA-2007-281http://fedoranews.org/cms/node/2713FEDORA
FEDORA-2007-293http://fedoranews.org/cms/node/2728FEDORA
FEDORA-2007-308http://fedoranews.org/cms/node/2747FEDORA
FEDORA-2007-309http://fedoranews.org/cms/node/2749FEDORA
HPSBUX02153http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742HP
20070223 Mozilla Network Security Services SSLv2 Client Integer Underflow Vulnerabilityhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482IDEFENSEVendor Advisory
SUSE-SA:2007:019http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.htmlSUSE
RHSA-2007:0077http://rhn.redhat.com/errata/RHSA-2007-0077.htmlREDHAT
24205http://secunia.com/advisories/24205SECUNIAVendor Advisory
24238http://secunia.com/advisories/24238SECUNIAVendor Advisory
24252http://secunia.com/advisories/24252SECUNIAVendor Advisory
24253http://secunia.com/advisories/24253SECUNIAVendor Advisory
24277http://secunia.com/advisories/24277SECUNIAVendor Advisory
24287http://secunia.com/advisories/24287SECUNIAVendor Advisory
24290http://secunia.com/advisories/24290SECUNIAVendor Advisory
24293http://secunia.com/advisories/24293SECUNIAVendor Advisory
24320http://secunia.com/advisories/24320SECUNIAVendor Advisory
24328http://secunia.com/advisories/24328SECUNIAVendor Advisory
24333http://secunia.com/advisories/24333SECUNIAVendor Advisory
24342http://secunia.com/advisories/24342SECUNIA
24343http://secunia.com/advisories/24343SECUNIAVendor Advisory
24384http://secunia.com/advisories/24384SECUNIAVendor Advisory
24389http://secunia.com/advisories/24389SECUNIAVendor Advisory
24395http://secunia.com/advisories/24395SECUNIAVendor Advisory
24406http://secunia.com/advisories/24406SECUNIA
24410http://secunia.com/advisories/24410SECUNIAVendor Advisory
24455http://secunia.com/advisories/24455SECUNIA
24456http://secunia.com/advisories/24456SECUNIA
24457http://secunia.com/advisories/24457SECUNIA
24522http://secunia.com/advisories/24522SECUNIAVendor Advisory
24562http://secunia.com/advisories/24562SECUNIAVendor Advisory
24650http://secunia.com/advisories/24650SECUNIAVendor Advisory
24703http://secunia.com/advisories/24703SECUNIAVendor Advisory
25588http://secunia.com/advisories/25588SECUNIA
25597http://secunia.com/advisories/25597SECUNIA
GLSA-200703-18http://security.gentoo.org/glsa/glsa-200703-18.xmlGENTOO
SSA:2007-066-05http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131SLACKWARE
SSA:2007-066-04http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947SLACKWARE
SSA:2007-066-03http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851SLACKWARE
102856http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1SUNALERT
102945http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1SUNALERT
DSA-1336http://www.debian.org/security/2007/dsa-1336DEBIAN
GLSA-200703-22http://www.gentoo.org/security/en/glsa/glsa-200703-22.xmlGENTOO
VU#377812http://www.kb.cert.org/vuls/id/377812CERT-VNUS Government Resource
MDKSA-2007:050http://www.mandriva.com/security/advisories?name=MDKSA-2007:050MANDRIVA
MDKSA-2007:052http://www.mandriva.com/security/advisories?name=MDKSA-2007:052MANDRIVA
http://www.mozilla.org/security/announce/2007/mfsa2007-06.htmlhttp://www.mozilla.org/security/announce/2007/mfsa2007-06.htmlCONFIRMPatch Vendor Advisory
SUSE-SA:2007:022http://www.novell.com/linux/security/advisories/2007_22_mozilla.htmlSUSE
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.htmlhttp://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.htmlCONFIRM
32105http://www.osvdb.org/32105OSVDB
RHSA-2007:0078http://www.redhat.com/support/errata/RHSA-2007-0078.htmlREDHAT
RHSA-2007:0079http://www.redhat.com/support/errata/RHSA-2007-0079.htmlREDHAT
RHSA-2007:0097http://www.redhat.com/support/errata/RHSA-2007-0097.htmlREDHAT
RHSA-2007:0108http://www.redhat.com/support/errata/RHSA-2007-0108.htmlREDHAT
20070226 rPSA-2007-0040-1 firefoxhttp://www.securityfocus.com/archive/1/461336/100/0/threadedBUGTRAQ
20070303 rPSA-2007-0040-3 firefox thunderbirdhttp://www.securityfocus.com/archive/1/461809/100/0/threadedBUGTRAQ
22694http://www.securityfocus.com/bid/22694BID
64758http://www.securityfocus.com/bid/64758BID
1017696http://www.securitytracker.com/id?1017696SECTRACK
USN-428-1http://www.ubuntu.com/usn/usn-428-1UBUNTU
USN-431-1http://www.ubuntu.com/usn/usn-431-1UBUNTU
ADV-2007-0718http://www.vupen.com/english/advisories/2007/0718VUPEN
ADV-2007-0719http://www.vupen.com/english/advisories/2007/0719VUPEN
ADV-2007-1165http://www.vupen.com/english/advisories/2007/1165VUPEN
ADV-2007-2141http://www.vupen.com/english/advisories/2007/2141VUPEN
https://bugzilla.mozilla.org/show_bug.cgi?id=364319https://bugzilla.mozilla.org/show_bug.cgi?id=364319MISCVendor Advisory
nss-mastersecret-bo(32666)https://exchange.xforce.ibmcloud.com/vulnerabilities/32666XF
https://issues.rpath.com/browse/RPL-1081https://issues.rpath.com/browse/RPL-1081CONFIRM
https://issues.rpath.com/browse/RPL-1103https://issues.rpath.com/browse/RPL-1103CONFIRM
oval:org.mitre.oval:def:10502https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10502OVAL