New Search

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5 as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2 Thunderbird before 1.5.0.10 SeaMonkey before 1.0.8 and certain Sun Java System server products before 20070611 allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.

oval:org.mitre.oval:def:10174

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5 as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2 Thunderbird before 1.5.0.10 SeaMonkey before 1.0.8 and certain Sun Java System server products before 20070611 allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 3
  • Oracle Linux 5
  • Red Hat Enterprise Linux 3
  • Oracle Linux 4
  • CentOS Linux 4
  • Red Hat Enterprise Linux 4
  • CentOS Linux 5
  • Red Hat Enterprise Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2007-0009
Product(s):