CVE-2007-5691Improper Input Validation in Mozilla Firefox

CWE-20Improper Input Validation2 documents2 sources
Severity
4.3MEDIUMNVD
EPSS
0.6%
top 29.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox
Timeline
PublishedOct 29
Latest updateMay 1

Description

ParseFTPList.cpp in Mozilla Firefox 2.0.0.7 allows remote FTP servers to cause a denial of service (application crash) via a crafted reply to an unspecified listing command, related to "reading from invalid pointer."

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDmozilla/firefox2.0.0.7

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

1
GHSA
GHSA-p6h6-f79f-g6cp: ParseFTPList2022-05-01