Lucene search

K

MitreCVELIST:CVE-2010-2764

HistorySep 09, 2010 - 6:00 p.m.

CVE-2010-2764

2010-09-0918:00:00

mitre

www.cve.org

5

AI Score

8.4

Confidence

High

EPSS

0.012

Percentile

85.3%

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.

References

blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox

lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html

lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html

secunia.com/advisories/42867

support.avaya.com/css/P8/documents/100112690

www.mandriva.com/security/advisories?name=MDVSA-2010:173

www.mozilla.org/security/announce/2010/mfsa2010-63.html

www.securityfocus.com/bid/43104

www.vupen.com/english/advisories/2010/2323

www.vupen.com/english/advisories/2011/0061

bugzilla.mozilla.org/show_bug.cgi?id=552090

exchange.xforce.ibmcloud.com/vulnerabilities/61662

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11684

AI Score

8.4

Confidence

High

EPSS

0.012

Percentile

85.3%

Related for CVELIST:CVE-2010-2764

mozilla1 nvd1 veracode1 prion1 cve1 ubuntucve1 securityvulns2 openvas41 fedora7 nessus47 ubuntu4 centos1 oraclelinux1 redhat1 debian2 freebsd1 suse3 gentoo1