{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3105?format=json","vulnerability_id":"VCID-rxjp-56cu-r7c2","summary":"As part of the Firefox 2.0.0.2  and 1.5.0.10 update releases we fixed\nseveral bugs to improve the stability of the product. Some of these were\ncrashes that showed evidence of memory corruption and we presume that\nwith enough effort at least some of these could be exploited to run\narbitrary code.Thunderbird shares the browser engine with Firefox\nand could be vulnerable if JavaScript were to be enabled in\nmail. This is not the default setting and we strongly discourage users from\nrunning JavaScript in mail. Without further investigation we cannot rule out\nthe possibility that for some of these an attacker might be able to prepare\nmemory for exploitation through some means other than JavaScript, such as\nlarge images.","aliases":[{"alias":"CVE-2007-0775"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1265?format=json","purl":"pkg:mozilla/SeaMonkey@1.0.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.0.8"}],"affected_packages":[],"references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775","reference_id":"CVE-2007-0775","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2007-01","reference_id":"mfsa2007-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2007-01"}],"weaknesses":[],"exploits":[],"severity_range_score":"9.0 - 10.0","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxjp-56cu-r7c2"}