Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mozillaMozilla FoundationMFSA2010-27
HistoryJun 22, 2010 - 12:00 a.m.

Use-after-free error in nsCycleCollector::MarkRoots() — Mozilla

2010-06-2200:00:00
Mozilla Foundation
www.mozilla.org
21

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.13

Percentile

95.5%

JSON

Security researcher wushi of team509 reported that the frame construction process for certain types of menus could result in a menu containing a pointer to a previously freed menu item. During the cycle collection process, this freed item could be accessed, resulting in the execution of a section of code potentially controlled by an attacker.

Affected configurations

Vulners
Node
mozillafirefoxRange<3.5.10
OR
mozillaseamonkeyRange<2.0.5
VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

Related

nvd 1
prion 1
cve 1
securityvulns 2
ubuntucve 1
cvelist 1
nessus 23
osv 1
debian 3
openvas 25
fedora 9
freebsd 1
suse 1
gentoo 1
nvd
nvd
CVE-2010-0183
2010-06-24 12:30:01
prion
prion
Design/Logic Flaw
2010-06-24 12:30:00
cve
cve
CVE-2010-0183
2010-06-24 12:30:01
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-27
2010-06-25 00:00:00
Mozilla Firefox / Seamonkey multiple security vulnerabilities
2010-06-25 00:00:00
ubuntucve
ubuntucve
CVE-2010-0183
2010-06-24 00:00:00
cvelist
cvelist
CVE-2010-0183
2010-06-23 18:00:00
nessus
nessus
SeaMonkey < 2.0.5 Multiple Vulnerabilities
2010-06-23 00:00:00
Debian DSA-2064-1 : xulrunner - several vulnerabilities
2010-06-29 00:00:00
Firefox < 3.5.10 Multiple Vulnerabilities
2010-06-23 00:00:00
osv
osv
xulrunner - several vulnerabilities
2010-06-27 00:00:00
debian
debian
[SECURITY] [DSA 2064-1] New xulrunner packages fix several vulnerabilities
2010-06-27 20:39:12
[Backports-security-announce] Security Update for xulrunner
2010-07-01 11:54:27
[Backports-security-announce] Security Update for xulrunner
2010-07-01 11:48:42
openvas
openvas
Debian: Security Advisory (DSA-2064-1)
2010-07-06 00:00:00
Debian Security Advisory DSA 2064-1 (xulrunner)
2010-07-06 00:00:00
Fedora Update for gnome-python2-extras FEDORA-2010-10344
2010-06-25 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: firefox-3.5.10-1.fc12
2010-06-24 16:26:47
[SECURITY] Fedora 12 Update: gnome-web-photo-0.9-7.fc12
2010-06-24 16:26:47
[SECURITY] Fedora 12 Update: xulrunner-1.9.1.10-1.fc12
2010-06-24 16:26:47
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-06-22 00:00:00
suse
suse
remote code execution in MozillaFirefox,mozilla-xulrunner191
2010-07-09 14:53:59
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.13

Percentile

95.5%

JSON
Related for MFSA2010-27
nvd1prion1cve1securityvulns2ubuntucve1cvelist1nessus23osv1debian3openvas25fedora9freebsd1suse1gentoo1