Unrated severityNVD Advisory· Published Jun 1, 2007· Updated Apr 23, 2026
CVE-2007-2868
CVE-2007-2868
Description
Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corruption.
Affected products
33cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*+ 14 more
- cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
60- secunia.com/advisories/24406nvdVendor Advisory
- secunia.com/advisories/24456nvdVendor Advisory
- secunia.com/advisories/25469nvdVendor Advisory
- secunia.com/advisories/25476nvdVendor Advisory
- secunia.com/advisories/25488nvdVendor Advisory
- secunia.com/advisories/25489nvdVendor Advisory
- secunia.com/advisories/25490nvdVendor Advisory
- secunia.com/advisories/25491nvdVendor Advisory
- secunia.com/advisories/25492nvdVendor Advisory
- secunia.com/advisories/25496nvdVendor Advisory
- secunia.com/advisories/25533nvdVendor Advisory
- secunia.com/advisories/25534nvdVendor Advisory
- secunia.com/advisories/25559nvdVendor Advisory
- secunia.com/advisories/25635nvdVendor Advisory
- secunia.com/advisories/25644nvdVendor Advisory
- secunia.com/advisories/25647nvdVendor Advisory
- secunia.com/advisories/25664nvdVendor Advisory
- secunia.com/advisories/25685nvdVendor Advisory
- secunia.com/advisories/25750nvdVendor Advisory
- www.mozilla.org/security/announce/2007/mfsa2007-12.htmlnvdVendor Advisory
- www.kb.cert.org/vuls/id/609956nvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA07-151A.htmlnvdUS Government Resource
- fedoranews.org/cms/node/2747nvd
- fedoranews.org/cms/node/2749nvd
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvd
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvd
- osvdb.org/35138nvd
- secunia.com/advisories/25858nvd
- secunia.com/advisories/27427nvd
- secunia.com/advisories/28363nvd
- security.gentoo.org/glsa/glsa-200706-06.xmlnvd
- slackware.com/security/viewer.phpnvd
- slackware.com/security/viewer.phpnvd
- sunsolve.sun.com/search/document.donvd
- sunsolve.sun.com/search/document.donvd
- www.debian.org/security/2007/dsa-1300nvd
- www.debian.org/security/2007/dsa-1305nvd
- www.debian.org/security/2007/dsa-1306nvd
- www.debian.org/security/2007/dsa-1308nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2007_36_mozilla.htmlnvd
- www.redhat.com/support/errata/RHSA-2007-0400.htmlnvd
- www.redhat.com/support/errata/RHSA-2007-0401.htmlnvd
- www.redhat.com/support/errata/RHSA-2007-0402.htmlnvd
- www.securityfocus.com/archive/1/470172/100/200/threadednvd
- www.securityfocus.com/archive/1/471842/100/0/threadednvd
- www.securityfocus.com/bid/24242nvd
- www.securitytracker.com/idnvd
- www.securitytracker.com/idnvd
- www.securitytracker.com/idnvd
- www.ubuntu.com/usn/usn-468-1nvd
- www.ubuntu.com/usn/usn-469-1nvd
- www.vupen.com/english/advisories/2007/1994nvd
- www.vupen.com/english/advisories/2007/3632nvd
- www.vupen.com/english/advisories/2008/0082nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/34605nvd
- issues.rpath.com/browse/RPL-1424nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10711nvd
News mentions
0No linked articles in our index yet.