MitreCVELIST:CVE-2010-1199CVE-2010-1199
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
References
lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html
lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html
lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html
secunia.com/advisories/40323
secunia.com/advisories/40326
secunia.com/advisories/40401
secunia.com/advisories/40481
support.avaya.com/css/P8/documents/100091069
ubuntu.com/usn/usn-930-1
www.exploit-db.com/exploits/14949
www.mandriva.com/security/advisories?name=MDVSA-2010:125
www.mozilla.org/security/announce/2010/mfsa2010-30.html
www.redhat.com/support/errata/RHSA-2010-0499.html
www.redhat.com/support/errata/RHSA-2010-0500.html
www.redhat.com/support/errata/RHSA-2010-0501.html
www.securityfocus.com/archive/1/511972/100/0/threaded
www.securityfocus.com/bid/41050
www.securityfocus.com/bid/41082
www.securitytracker.com/id?1024138
www.securitytracker.com/id?1024139
www.ubuntu.com/usn/usn-930-2
www.vupen.com/english/advisories/2010/1551
www.vupen.com/english/advisories/2010/1556
www.vupen.com/english/advisories/2010/1557
www.vupen.com/english/advisories/2010/1592
www.vupen.com/english/advisories/2010/1640
www.vupen.com/english/advisories/2010/1773
www.zerodayinitiative.com/advisories/ZDI-10-113
bugzilla.mozilla.org/show_bug.cgi?id=554255
exchange.xforce.ibmcloud.com/vulnerabilities/59666
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10885
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13287
Related
