Oval Definition:oval:org.mitre.oval:def:10174
Revision Date:2013-04-29Version:12
Title:Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.
Description:Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2007-0009
Platform(s):CentOS Linux 3
CentOS Linux 4
CentOS Linux 5
Oracle Linux 4
Oracle Linux 5
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis
  • OS Section: RHEL3, CentOS3
  • RHEL3 or CentOS3
  • The operating system installed on the system is Red Hat Enterprise Linux 3
  • OR CentOS Linux 3.x
  • AND Configuration section
  • seamonkey-nspr is earlier than 0:1.0.8-0.2.el3
  • OR seamonkey-js-debugger is earlier than 0:1.0.8-0.2.el3
  • OR seamonkey-nss-devel is earlier than 0:1.0.8-0.2.el3
  • OR seamonkey is earlier than 0:1.0.8-0.2.el3
  • OR seamonkey-nspr-devel is earlier than 0:1.0.8-0.2.el3
  • OR seamonkey-mail is earlier than 0:1.0.8-0.2.el3
  • OR seamonkey-chat is earlier than 0:1.0.8-0.2.el3
  • OR seamonkey-devel is earlier than 0:1.0.8-0.2.el3
  • OR seamonkey-dom-inspector is earlier than 0:1.0.8-0.2.el3
  • OR seamonkey-nss is earlier than 0:1.0.8-0.2.el3
  • OR OS Section: RHEL4, CentOS4, Oracle Linux 4
  • RHEL4, CentOS4 or Oracle Linux 4
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • OR CentOS Linux 4.x
  • OR Oracle Linux 4.x
  • AND Configuration section
  • devhelp-devel is earlier than 0:0.10-0.7.el4
  • OR seamonkey-nspr is earlier than 0:1.0.8-0.2.el4
  • OR seamonkey-js-debugger is earlier than 0:1.0.8-0.2.el4
  • OR thunderbird is earlier than 0:1.5.0.10-0.1.el4
  • OR seamonkey-nss-devel is earlier than 0:1.0.8-0.2.el4
  • OR seamonkey is earlier than 0:1.0.8-0.2.el4
  • OR seamonkey-nspr-devel is earlier than 0:1.0.8-0.2.el4
  • OR devhelp is earlier than 0:0.10-0.7.el4
  • OR firefox is earlier than 0:1.5.0.10-0.1.el4
  • OR seamonkey-mail is earlier than 0:1.0.8-0.2.el4
  • OR seamonkey-chat is earlier than 0:1.0.8-0.2.el4
  • OR seamonkey-nss is earlier than 0:1.0.8-0.2.el4
  • OR seamonkey-devel is earlier than 0:1.0.8-0.2.el4
  • OR seamonkey-dom-inspector is earlier than 0:1.0.8-0.2.el4
  • OR OS Section: RHEL5, CentOS5, Oracle Linux 5
  • RHEL5, CentOS5 or Oracle Linux 5
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • OR Oracle Linux 5.x
  • AND Configuration section
  • firefox-devel is earlier than 0:1.5.0.10-2.el5
  • OR yelp is earlier than 0:2.16.0-14.0.1.el5
  • OR devhelp-devel is earlier than 0:0.12-10.0.1.el5
  • OR devhelp is earlier than 0:0.12-10.0.1.el5
  • OR firefox is earlier than 0:1.5.0.10-2.el5
  • OR thunderbird is earlier than 0:1.5.0.10-1.el5
    • BACK