Lucene search
Mozilla FoundationMFSA2010-17HistoryMar 30, 2010 - 12:00 a.m.
Remote code execution with use-after-free in nsTreeSelection โ Mozilla
2010-03-3000:00:00
Mozilla Foundation
www.mozilla.org
29
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.104
Percentile
95.0%
Security researcher regenrecht reported via TippingPointโs Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the execution of previously freed memory which an attacker could use to crash a victimโs browser and run arbitrary code on the victimโs computer.
Affected configurations
Node
mozillafirefoxRange<3.0.19
ORmozillafirefoxRange<3.5.9
ORmozillaseamonkeyRange<2.0.4
ORmozillathunderbirdRange<3.0.4
Related
zdi
zdi
cve
cve
CVE-2010-0175
2010-04-05 17:30:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-17
2010-04-06 00:00:00
ZDI-10-050: Mozilla Firefox nsTreeSelection EventListener Remote Code Execution Vulnerability
2010-04-06 00:00:00
xulrunner multiple security vulnerabilities
2010-04-06 00:00:00
veracode
veracode
Use-after-Free
2020-04-10 00:45:20
openvas
openvas
Mozilla Products 'nsTreeSelection' DoS Vulnerability - Windows
2010-04-13 00:00:00
Mozilla Products 'nsTreeSelection' Denial of Service vulnerability (Windows)
2010-04-13 00:00:00
Fedora Update for sunbird FEDORA-2010-5539
2010-04-06 00:00:00
prion
prion
Design/Logic Flaw
2010-04-05 17:30:00
nvd
nvd
CVE-2010-0175
2010-04-05 17:30:00
cvelist
cvelist
CVE-2010-0175
2010-04-05 17:00:00
ubuntucve
ubuntucve
CVE-2010-0175
2010-04-05 00:00:00
seebug
seebug
Firefox nsTreeSelectionๅฎ็ฐ้ๆพๅไฝฟ็จๆผๆด
2010-04-07 00:00:00
nessus
nessus
fedora
fedora
[SECURITY] Fedora 13 Update: sunbird-1.0-0.21.20090916hg.fc13
2010-04-01 17:18:40
[SECURITY] Fedora 11 Update: sunbird-1.0-0.16.20090715hg.fc11
2010-04-01 01:53:01
[SECURITY] Fedora 12 Update: sunbird-1.0-0.21.20090916hg.fc12
2010-04-01 01:55:06
centos
centos
seamonkey security update
2010-04-06 20:47:36
firefox security update
2010-04-06 21:01:59
thunderbird security update
2010-08-06 23:32:55
redhat
redhat
(RHSA-2010:0333) Critical: seamonkey security update
2010-03-30 00:00:00
(RHSA-2010:0332) Critical: firefox security update
2010-03-30 00:00:00
(RHSA-2010:0544) Moderate: thunderbird security update
2010-07-20 00:00:00
oraclelinux
oraclelinux
seamonkey security update
2010-03-30 00:00:00
firefox security update
2010-03-31 00:00:00
thunderbird security update
2010-07-21 00:00:00
ubuntu
ubuntu
Firefox 3.0 and Xulrunner vulnerabilities
2010-04-09 00:00:00
Firefox 3.5 and Xulrunner vulnerabilities
2010-04-09 00:00:00
debian
debian
[SECURITY] [DSA 2027-1] New xulrunner packages fix several vulnerabilities
2010-04-03 17:50:19
osv
osv
xulrunner - several vulnerabilities
2010-04-03 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-03-30 00:00:00
suse
suse
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.104
Percentile
95.0%
Related for MFSA2010-17