Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2010-3399
HistorySep 15, 2010 - 8:00 p.m.

CVE-2010-3399

2010-09-1520:00:02
CWE-310
mitre
web.nvd.nist.gov
39
cve
mozilla
firefox
javascript
vulnerability
remote attackers
seed value
brute-force attack

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

8.7

Confidence

High

EPSS

0.021

Percentile

89.1%

JSON

The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which makes it easier for remote attackers to guess the seed value via a brute-force attack, a different vulnerability than CVE-2010-3171.

Affected configurations

Nvd
Node
mozillafirefoxMatch3.5.10
OR
mozillafirefoxMatch3.5.11
OR
mozillafirefoxMatch3.6.4
OR
mozillafirefoxMatch3.6.6
OR
mozillafirefoxMatch3.6.7
OR
mozillafirefoxMatch3.6.8
OR
mozillafirefoxMatch4.0beta1
VendorProductVersionCPE
mozillafirefox3.5.10cpe:2.3:a:mozilla:firefox:3.5.10:*:*:*:*:*:*:*
mozillafirefox3.5.11cpe:2.3:a:mozilla:firefox:3.5.11:*:*:*:*:*:*:*
mozillafirefox3.6.4cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*
mozillafirefox3.6.6cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*
mozillafirefox3.6.7cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*
mozillafirefox3.6.8cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*
mozillafirefox4.0cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*

Related

openvas 3
prion 3
ubuntucve 3
nvd 3
cvelist 3
seebug 1
exploitdb 1
securityvulns 2
cve 2
nessus 14
mozilla 1
gentoo 1
openvas
openvas
Mozilla Firefox Information Disclosure Vulnerability - Windows
2010-09-21 00:00:00
Mozilla Firefox Information Disclosure Vulnerability (Windows)
2010-09-21 00:00:00
Gentoo Security Advisory GLSA 201301-01
2015-09-29 00:00:00
prion
prion
Design/Logic Flaw
2010-09-15 20:00:00
Code injection
2010-09-15 20:00:00
Sql injection
2010-11-22 13:00:00
ubuntucve
ubuntucve
CVE-2010-3399
2010-09-15 00:00:00
CVE-2010-3171
2010-09-15 00:00:00
CVE-2010-3804
2010-11-22 00:00:00
nvd
nvd
CVE-2010-3399
2010-09-15 20:00:02
CVE-2010-3171
2010-09-15 20:00:02
CVE-2010-3804
2010-11-22 13:00:17
cvelist
cvelist
CVE-2010-3399
2010-09-15 19:00:00
CVE-2010-3171
2010-09-15 19:00:00
CVE-2010-3804
2010-11-20 21:00:00
seebug
seebug
Mozilla Firefox js_InitRandomε‡½ζ•°δΈε……εˆ†ιšζœΊζ•°ζΌζ΄ž
2010-09-25 00:00:00
exploitdb
exploitdb
Mozilla Firefox 3.6.8 - 'Math.random()' Cross Domain Information Disclosure
2010-09-14 00:00:00
securityvulns
securityvulns
New writeup by Amit Klein (Trusteer): "Cross-domain information leakage in Firefox 3.6.4-3.6.8, Firefox 3.5.10-3.5.11 and Firefox 4.0 Beta1"
2010-09-16 00:00:00
Mozilla Firefox / Thunderbird / SeaMonkey multiple security vulnerabilities
2010-09-16 00:00:00
cve
cve
CVE-2010-3171
2010-09-15 20:00:02
CVE-2010-3804
2010-11-22 13:00:17
nessus
nessus
Mozilla Firefox 3.6.x < 3.6.9 Multiple Vulnerabilities
2010-09-08 00:00:00
Firefox 3.6.x < 3.6.9 Multiple Vulnerabilities
2010-09-08 00:00:00
CentOS 3 / 4 : seamonkey (CESA-2010:0499)
2010-07-22 00:00:00
mozilla
mozilla
User tracking across sites using Math.random() β€” Mozilla
2010-06-22 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

8.7

Confidence

High

EPSS

0.021

Percentile

89.1%

JSON
Related for CVE-2010-3399
openvas3prion3ubuntucve3nvd3cvelist3seebug1exploitdb1securityvulns2cve2nessus14mozilla1gentoo1