Lucene search

K

MitreCVELIST:CVE-2010-3168

HistorySep 09, 2010 - 6:00 p.m.

CVE-2010-3168

2010-09-0918:00:00

mitre

www.cve.org

5

AI Score

9.3

Confidence

High

EPSS

0.169

Percentile

96.1%

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.

References

blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox

lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html

lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html

secunia.com/advisories/42867

support.avaya.com/css/P8/documents/100110210

support.avaya.com/css/P8/documents/100112690

www.debian.org/security/2010/dsa-2106

www.mandriva.com/security/advisories?name=MDVSA-2010:173

www.mozilla.org/security/announce/2010/mfsa2010-55.html

www.securityfocus.com/bid/43108

www.vupen.com/english/advisories/2010/2323

www.vupen.com/english/advisories/2011/0061

bugzilla.mozilla.org/show_bug.cgi?id=576075

exchange.xforce.ibmcloud.com/vulnerabilities/61653

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12001

AI Score

9.3

Confidence

High

EPSS

0.169

Percentile

96.1%

Related for CVELIST:CVE-2010-3168

prion1 securityvulns3 zdi1 veracode1 ubuntucve1 nvd1 cve1 mozilla1 openvas55 oraclelinux3 nessus50 centos3 redhat3 debian5 osv1 fedora7 ubuntu4 freebsd1 suse3 gentoo1