Vulnerability Description
Mozilla Firefox 2.0.0.3 allows remote attackers to cause a denial of service (application crash) via a long hostname in an HREF attribute in an A element, which triggers an out-of-bounds memory access.
CVSS Score
7.1
HIGH
AV:N/AC:M/Au:N/C:N/I:N/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | 2.0.0.3 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/062773.html
- http://osvdb.org/35700
- http://securityreason.com/securityalert/2704
- http://www.critical.lt/research/opera_die_happy.htmlExploit
- http://www.securityfocus.com/bid/23747Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33982
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/062773.html
- http://osvdb.org/35700
- http://securityreason.com/securityalert/2704
- http://www.critical.lt/research/opera_die_happy.htmlExploit
- http://www.securityfocus.com/bid/23747Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33982
FAQ
What is CVE-2007-2671?
CVE-2007-2671 is a vulnerability with a CVSS score of 7.1 (HIGH). Mozilla Firefox 2.0.0.3 allows remote attackers to cause a denial of service (application crash) via a long hostname in an HREF attribute in an A element, which triggers an out-of-bounds memory access...
How severe is CVE-2007-2671?
CVE-2007-2671 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2671?
Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox.