Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-1028HistoryMar 19, 2010 - 9:30 p.m.
CVE-2010-1028
2010-03-1921:30:00
Debian Security Bug Tracker
security-tracker.debian.org
21
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.862
Percentile
98.6%
Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | calibre | < 2.38.0+dfsg-1 | calibre_2.38.0+dfsg-1_all.deb |
| Debian | 11 | all | calibre | < 2.38.0+dfsg-1 | calibre_2.38.0+dfsg-1_all.deb |
| Debian | 999 | all | calibre | < 2.38.0+dfsg-1 | calibre_2.38.0+dfsg-1_all.deb |
| Debian | 13 | all | calibre | < 2.38.0+dfsg-1 | calibre_2.38.0+dfsg-1_all.deb |
Related
cert
cert
Mozilla WOFF decoder integer overflow
2010-03-23 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2010-03-30 00:00:00
Mozilla Firefox Unspecified Vulnerability - Windows
2010-03-23 00:00:00
Mozilla Firefox Unspecified Vulnerability (Windows)
2010-03-23 00:00:00
seebug
seebug
Mozilla Firefox 3.6 WOFF解码器整数溢出漏洞
2010-03-24 00:00:00
zdi
zdi
zdt
zdt
Mozilla Firefox 3.6 - Integer Overflow Exploit
2013-08-19 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox WOFF Font Processing Integer Overflow (CVE-2010-1028)
2010-05-09 00:00:00
prion
prion
Integer overflow
2010-03-19 21:30:00
Memory corruption
2010-03-25 22:30:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-08
2010-04-06 00:00:00
x90c WOFF Firefox 1day exploit
2013-08-20 00:00:00
nessus
nessus
FreeBSD : firefox -- WOFF heap corruption due to integer overflow (5d5ed535-3653-11df-9edc-000f20797ede)
2010-03-24 00:00:00
RHEL 5 : firefox (RHSA-2010:0501)
2010-06-23 00:00:00
CentOS 5 : firefox (CESA-2010:0501)
2010-06-25 00:00:00
mozilla
mozilla
WOFF heap corruption due to integer overflow — Mozilla
2010-03-22 00:00:00
cvelist
cvelist
CVE-2010-1028
2010-03-19 21:00:00
CVE-2010-1122
2010-03-25 22:00:00
nvd
nvd
CVE-2010-1028
2010-03-19 21:30:00
CVE-2010-1122
2010-03-25 22:30:00
freebsd
freebsd
firefox -- WOFF heap corruption due to integer overflow
2010-03-22 00:00:00
ubuntucve
ubuntucve
CVE-2010-1028
2010-03-19 00:00:00
CVE-2010-1122
2010-03-25 00:00:00
cve
cve
CVE-2010-1028
2010-03-19 21:30:00
CVE-2010-1122
2010-03-25 22:30:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.862
Percentile
98.6%
Related for DEBIANCVE:CVE-2010-1028