{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-02-23T00:00:00.000Z","descriptions":[{"lang":"en","value":"Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-16T14:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"VU#551436","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/551436"},{"name":"20070226 rPSA-2007-0040-1 firefox","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/461336/100/0/threaded"},{"name":"FEDORA-2007-308","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://fedoranews.org/cms/node/2747"},{"name":"24328","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24328"},{"name":"GLSA-200703-04","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://security.gentoo.org/glsa/glsa-200703-04.xml"},{"name":"24252","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24252"},{"name":"GLSA-200703-08","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"},{"name":"SSA:2007-066-03","tags":["vendor-advisory","x_refsource_SLACKWARE"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851"},{"name":"24384","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24384"},{"name":"24406","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24406"},{"name":"24457","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24457"},{"name":"MDKSA-2007:052","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:052"},{"name":"HPSBUX02153","tags":["vendor-advisory","x_refsource_HP"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"},{"name":"ADV-2007-0718","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/0718"},{"name":"FEDORA-2007-309","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://fedoranews.org/cms/node/2749"},{"name":"GLSA-200703-18","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://security.gentoo.org/glsa/glsa-200703-18.xml"},{"name":"USN-428-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/usn-428-1"},{"name":"24320","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24320"},{"name":"SUSE-SA:2007:019","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"},{"name":"ADV-2008-0083","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2008/0083"},{"name":"20070303 rPSA-2007-0040-3 firefox thunderbird","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/461809/100/0/threaded"},{"name":"firefox-strokewidth-bo(32698)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/32698"},{"name":"SUSE-SA:2007:022","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"},{"name":"24293","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24293"},{"name":"24238","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24238"},{"name":"SSA:2007-066-04","tags":["vendor-advisory","x_refsource_SLACKWARE"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947"},{"name":"24456","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24456"},{"name":"24393","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24393"},{"name":"24522","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24522"},{"tags":["x_refsource_MISC"],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=360645"},{"name":"22694","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/22694"},{"name":"SSRT061181","tags":["vendor-advisory","x_refsource_HP"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"},{"name":"ADV-2007-0719","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/0719"},{"name":"FEDORA-2007-281","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://fedoranews.org/cms/node/2713"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.mozilla.org/security/announce/2007/mfsa2007-01.html"},{"name":"USN-431-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/usn-431-1"},{"name":"FEDORA-2007-293","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://fedoranews.org/cms/node/2728"},{"name":"32113","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/32113"},{"name":"24205","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24205"},{"name":"24389","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24389"},{"tags":["x_refsource_CONFIRM"],"url":"https://issues.rpath.com/browse/RPL-1081"},{"name":"24410","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24410"},{"name":"24333","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24333"},{"name":"24455","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24455"},{"name":"1017698","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1017698"},{"name":"SSA:2007-066-05","tags":["vendor-advisory","x_refsource_SLACKWARE"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131"},{"name":"24437","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24437"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secalert@redhat.com","ID":"CVE-2007-0776","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"VU#551436","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/551436"},{"name":"20070226 rPSA-2007-0040-1 firefox","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/461336/100/0/threaded"},{"name":"FEDORA-2007-308","refsource":"FEDORA","url":"http://fedoranews.org/cms/node/2747"},{"name":"24328","refsource":"SECUNIA","url":"http://secunia.com/advisories/24328"},{"name":"GLSA-200703-04","refsource":"GENTOO","url":"http://security.gentoo.org/glsa/glsa-200703-04.xml"},{"name":"24252","refsource":"SECUNIA","url":"http://secunia.com/advisories/24252"},{"name":"GLSA-200703-08","refsource":"GENTOO","url":"http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"},{"name":"SSA:2007-066-03","refsource":"SLACKWARE","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851"},{"name":"24384","refsource":"SECUNIA","url":"http://secunia.com/advisories/24384"},{"name":"24406","refsource":"SECUNIA","url":"http://secunia.com/advisories/24406"},{"name":"24457","refsource":"SECUNIA","url":"http://secunia.com/advisories/24457"},{"name":"MDKSA-2007:052","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:052"},{"name":"HPSBUX02153","refsource":"HP","url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"},{"name":"ADV-2007-0718","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/0718"},{"name":"FEDORA-2007-309","refsource":"FEDORA","url":"http://fedoranews.org/cms/node/2749"},{"name":"GLSA-200703-18","refsource":"GENTOO","url":"http://security.gentoo.org/glsa/glsa-200703-18.xml"},{"name":"USN-428-1","refsource":"UBUNTU","url":"http://www.ubuntu.com/usn/usn-428-1"},{"name":"24320","refsource":"SECUNIA","url":"http://secunia.com/advisories/24320"},{"name":"SUSE-SA:2007:019","refsource":"SUSE","url":"http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"},{"name":"ADV-2008-0083","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2008/0083"},{"name":"20070303 rPSA-2007-0040-3 firefox thunderbird","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/461809/100/0/threaded"},{"name":"firefox-strokewidth-bo(32698)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/32698"},{"name":"SUSE-SA:2007:022","refsource":"SUSE","url":"http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"},{"name":"24293","refsource":"SECUNIA","url":"http://secunia.com/advisories/24293"},{"name":"24238","refsource":"SECUNIA","url":"http://secunia.com/advisories/24238"},{"name":"SSA:2007-066-04","refsource":"SLACKWARE","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947"},{"name":"24456","refsource":"SECUNIA","url":"http://secunia.com/advisories/24456"},{"name":"24393","refsource":"SECUNIA","url":"http://secunia.com/advisories/24393"},{"name":"24522","refsource":"SECUNIA","url":"http://secunia.com/advisories/24522"},{"name":"https://bugzilla.mozilla.org/show_bug.cgi?id=360645","refsource":"MISC","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=360645"},{"name":"22694","refsource":"BID","url":"http://www.securityfocus.com/bid/22694"},{"name":"SSRT061181","refsource":"HP","url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"},{"name":"ADV-2007-0719","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/0719"},{"name":"FEDORA-2007-281","refsource":"FEDORA","url":"http://fedoranews.org/cms/node/2713"},{"name":"http://www.mozilla.org/security/announce/2007/mfsa2007-01.html","refsource":"CONFIRM","url":"http://www.mozilla.org/security/announce/2007/mfsa2007-01.html"},{"name":"USN-431-1","refsource":"UBUNTU","url":"http://www.ubuntu.com/usn/usn-431-1"},{"name":"FEDORA-2007-293","refsource":"FEDORA","url":"http://fedoranews.org/cms/node/2728"},{"name":"32113","refsource":"OSVDB","url":"http://www.osvdb.org/32113"},{"name":"24205","refsource":"SECUNIA","url":"http://secunia.com/advisories/24205"},{"name":"24389","refsource":"SECUNIA","url":"http://secunia.com/advisories/24389"},{"name":"https://issues.rpath.com/browse/RPL-1081","refsource":"CONFIRM","url":"https://issues.rpath.com/browse/RPL-1081"},{"name":"24410","refsource":"SECUNIA","url":"http://secunia.com/advisories/24410"},{"name":"24333","refsource":"SECUNIA","url":"http://secunia.com/advisories/24333"},{"name":"24455","refsource":"SECUNIA","url":"http://secunia.com/advisories/24455"},{"name":"1017698","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1017698"},{"name":"SSA:2007-066-05","refsource":"SLACKWARE","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131"},{"name":"24437","refsource":"SECUNIA","url":"http://secunia.com/advisories/24437"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T12:34:20.851Z"},"title":"CVE Program Container","references":[{"name":"VU#551436","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/551436"},{"name":"20070226 rPSA-2007-0040-1 firefox","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/461336/100/0/threaded"},{"name":"FEDORA-2007-308","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://fedoranews.org/cms/node/2747"},{"name":"24328","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24328"},{"name":"GLSA-200703-04","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://security.gentoo.org/glsa/glsa-200703-04.xml"},{"name":"24252","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24252"},{"name":"GLSA-200703-08","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"},{"name":"SSA:2007-066-03","tags":["vendor-advisory","x_refsource_SLACKWARE","x_transferred"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851"},{"name":"24384","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24384"},{"name":"24406","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24406"},{"name":"24457","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24457"},{"name":"MDKSA-2007:052","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:052"},{"name":"HPSBUX02153","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"},{"name":"ADV-2007-0718","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/0718"},{"name":"FEDORA-2007-309","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://fedoranews.org/cms/node/2749"},{"name":"GLSA-200703-18","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://security.gentoo.org/glsa/glsa-200703-18.xml"},{"name":"USN-428-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/usn-428-1"},{"name":"24320","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24320"},{"name":"SUSE-SA:2007:019","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"},{"name":"ADV-2008-0083","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2008/0083"},{"name":"20070303 rPSA-2007-0040-3 firefox thunderbird","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/461809/100/0/threaded"},{"name":"firefox-strokewidth-bo(32698)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/32698"},{"name":"SUSE-SA:2007:022","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"},{"name":"24293","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24293"},{"name":"24238","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24238"},{"name":"SSA:2007-066-04","tags":["vendor-advisory","x_refsource_SLACKWARE","x_transferred"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947"},{"name":"24456","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24456"},{"name":"24393","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24393"},{"name":"24522","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24522"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=360645"},{"name":"22694","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/22694"},{"name":"SSRT061181","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"},{"name":"ADV-2007-0719","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/0719"},{"name":"FEDORA-2007-281","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://fedoranews.org/cms/node/2713"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.mozilla.org/security/announce/2007/mfsa2007-01.html"},{"name":"USN-431-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/usn-431-1"},{"name":"FEDORA-2007-293","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://fedoranews.org/cms/node/2728"},{"name":"32113","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/32113"},{"name":"24205","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24205"},{"name":"24389","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24389"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://issues.rpath.com/browse/RPL-1081"},{"name":"24410","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24410"},{"name":"24333","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24333"},{"name":"24455","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24455"},{"name":"1017698","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1017698"},{"name":"SSA:2007-066-05","tags":["vendor-advisory","x_refsource_SLACKWARE","x_transferred"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131"},{"name":"24437","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24437"}]}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2007-0776","datePublished":"2007-02-26T19:00:00.000Z","dateReserved":"2007-02-06T00:00:00.000Z","dateUpdated":"2024-08-07T12:34:20.851Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}