CVE-2007-0776Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents3 sources
Severity
9.3CRITICALNVD
EPSS
31.0%
top 3.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Mozilla FirefoxMozilla SeamonkeyMozilla Thunderbird
Timeline
PublishedFeb 26
Latest updateMay 1

Description

Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

NVDmozilla/firefox2.0.0.1
NVDmozilla/thunderbird1.5.0.9

Patches

Patch: www.mozilla.orgPatch: www.mozilla.org

🔴Vulnerability Details

1
GHSA
GHSA-9xpj-q2q2-5w8q: Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 22022-05-01

📋Vendor Advisories

3
Ubuntu
Thunderbird vulnerabilities2007-03-07
Ubuntu
Firefox regression2007-03-02
Ubuntu
Firefox vulnerabilities2007-03-01