CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
98.5%
The Mozilla Project reports:
MFSA 2010-64 Miscellaneous memory safety hazards (rv:1.9.2.11/ 1.9.1.14)
MFSA 2010-65 Buffer overflow and memory corruption using document.write
MFSA 2010-66 Use-after-free error in nsBarProp
MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter
MFSA 2010-68 XSS in gopher parser when parsing hrefs
MFSA 2010-69 Cross-site information disclosure via modal calls
MFSA 2010-70 SSL wildcard certificate matching IP addresses
MFSA 2010-71 Unsafe library loading vulnerabilities
MFSA 2010-72 Insecure Diffie-Hellman key exchange
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 3.6.11,1 | UNKNOWN |
FreeBSD | any | noarch | libxul | < 1.9.2.11 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 3.6.11,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox-devel | < 3.5.14 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 2.0.9 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | = 3.0 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 3.0.9 | UNKNOWN |
www.mozilla.org/security/announce/2010/mfsa2010-64.html
www.mozilla.org/security/announce/2010/mfsa2010-65.html
www.mozilla.org/security/announce/2010/mfsa2010-66.html
www.mozilla.org/security/announce/2010/mfsa2010-67.html
www.mozilla.org/security/announce/2010/mfsa2010-68.html
www.mozilla.org/security/announce/2010/mfsa2010-69.html
www.mozilla.org/security/announce/2010/mfsa2010-70.html
www.mozilla.org/security/announce/2010/mfsa2010-71.html
www.mozilla.org/security/announce/2010/mfsa2010-72.html