CVE-2007-0009 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2007-0009 Interim 1 12 2023-07-01T01:07:33Z current 2021-05-30T12:37:36Z 2023-07-01T01:07:33Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2007-0009 Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2007-03/msg00002.html E-Mail link for SUSE-SA:2007:019 https://lists.opensuse.org/opensuse-security-announce/2007-03/msg00007.html E-Mail link for SUSE-SA:2007:022 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Enterprise Storage 6 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 openSUSE Tumbleweed MozillaFirefox MozillaFirefox-10.0-0.3.2 MozillaFirefox-17.0.4esr-0.10.42 MozillaFirefox-3.5.9-0.1.1 MozillaFirefox-31.7.0esr-0.8.1 MozillaFirefox-92.0-1.2 MozillaFirefox-branding-upstream-92.0-1.2 MozillaFirefox-devel-31.7.0esr-0.8.1 MozillaFirefox-devel-92.0-1.2 MozillaFirefox-translations-10.0-0.3.2 MozillaFirefox-translations-17.0.4esr-0.10.42 MozillaFirefox-translations-3.5.9-0.1.1 MozillaFirefox-translations-31.7.0esr-0.8.1 MozillaFirefox-translations-common-92.0-1.2 MozillaFirefox-translations-other-92.0-1.2 MozillaFirefox-3.5.9-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1 MozillaFirefox-translations-3.5.9-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1 MozillaFirefox-10.0-0.3.2 as a component of SUSE Linux Enterprise Server 11 SP2 MozillaFirefox-translations-10.0-0.3.2 as a component of SUSE Linux Enterprise Server 11 SP2 MozillaFirefox-17.0.4esr-0.10.42 as a component of SUSE Linux Enterprise Server 11 SP3 MozillaFirefox-translations-17.0.4esr-0.10.42 as a component of SUSE Linux Enterprise Server 11 SP3 MozillaFirefox-31.7.0esr-0.8.1 as a component of SUSE Linux Enterprise Server 11 SP4 MozillaFirefox-translations-31.7.0esr-0.8.1 as a component of SUSE Linux Enterprise Server 11 SP4 MozillaFirefox-devel-31.7.0esr-0.8.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 MozillaFirefox-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-branding-upstream-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-devel-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-translations-common-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-translations-other-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox as a component of SUSE Enterprise Storage 6 Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values. CVE-2007-0009 SUSE Linux Enterprise Server 11 SP1:MozillaFirefox-3.5.9-0.1.1 SUSE Linux Enterprise Server 11 SP1:MozillaFirefox-translations-3.5.9-0.1.1 SUSE Linux Enterprise Server 11 SP2:MozillaFirefox-10.0-0.3.2 SUSE Linux Enterprise Server 11 SP2:MozillaFirefox-translations-10.0-0.3.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-17.0.4esr-0.10.42 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-translations-17.0.4esr-0.10.42 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-31.7.0esr-0.8.1 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-31.7.0esr-0.8.1 SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-31.7.0esr-0.8.1 openSUSE Tumbleweed:MozillaFirefox-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-branding-upstream-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-devel-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-translations-common-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-translations-other-92.0-1.2 SUSE Enterprise Storage 6:MozillaFirefox moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P