Lucene search
Mozilla FoundationMFSA2010-09HistoryMar 23, 2010 - 12:00 a.m.
Deleted frame reuse in multipart/x-mixed-replace image — Mozilla
2010-03-2300:00:00
Mozilla Foundation
www.mozilla.org
29
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.072
Percentile
94.1%
Security researcher regenrecht reported (via TippingPoint’s Zero Day Initiative) a potential reuse of a deleted image frame in Firefox 3.6’s handling of multipart/x-mixed-replace images. Although no exploit was shown, re-use of freed memory has led to exploitable vulnerabilities in the past.
Affected configurations
Node
mozillafirefoxRange<3.6.2
Related
zdi
zdi
cvelist
cvelist
CVE-2010-0164
2010-03-25 20:31:00
securityvulns
securityvulns
nvd
nvd
CVE-2010-0164
2010-03-25 21:00:00
prion
prion
Design/Logic Flaw
2010-03-25 21:00:00
seebug
seebug
Mozilla Firefox 3.6 libpr0n库远程代码执行漏洞
2010-03-24 00:00:00
ubuntucve
ubuntucve
CVE-2010-0164
2010-03-25 00:00:00
cve
cve
CVE-2010-0164
2010-03-25 21:00:00
openvas
openvas
Firefox Multiple Vulnerabilities (Mar 2010) - Windows
2010-03-30 00:00:00
Firefox Multiple Vulnerabilities Mar-10 (Linux)
2010-03-30 00:00:00
Firefox Multiple Vulnerabilities Mar-10 (Windows)
2010-03-30 00:00:00
nessus
nessus
Mozilla Firefox < 3.6.2 Multiple Vulnerabilities.
2010-03-23 00:00:00
Firefox 3.6.x < 3.6.2 Multiple Vulnerabilities
2010-03-23 00:00:00
Mandriva Linux Security Advisory : firefox (MDVSA-2010:070-1)
2010-04-14 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.072
Percentile
94.1%
Related for MFSA2010-09