Lucene search

[email protected]NVD:CVE-2010-1196

HistoryJun 24, 2010 - 12:30 p.m.

CVE-2010-1196

2010-06-2412:30:01

CWE-189

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

9.8

Confidence

High

EPSS

0.13

Percentile

95.6%

JSON

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.

Affected configurations

Nvd

Node

mozillafirefoxMatch3.5

mozillafirefoxMatch3.5.1

mozillafirefoxMatch3.5.2

mozillafirefoxMatch3.5.3

mozillafirefoxMatch3.5.4

mozillafirefoxMatch3.5.5

mozillafirefoxMatch3.5.6

mozillafirefoxMatch3.5.7

mozillafirefoxMatch3.5.9

Node

mozillaseamonkeyRange≤2.0.4

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0alpha

mozillaseamonkeyMatch1.0beta

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.4

mozillaseamonkeyMatch1.0.5

mozillaseamonkeyMatch1.0.6

mozillaseamonkeyMatch1.0.7

mozillaseamonkeyMatch1.0.8

mozillaseamonkeyMatch1.0.9

mozillaseamonkeyMatch1.1

mozillaseamonkeyMatch1.1alpha

mozillaseamonkeyMatch1.1beta

mozillaseamonkeyMatch1.1.1

mozillaseamonkeyMatch1.1.2

mozillaseamonkeyMatch1.1.3

mozillaseamonkeyMatch1.1.4

mozillaseamonkeyMatch1.1.5

mozillaseamonkeyMatch1.1.6

mozillaseamonkeyMatch1.1.7

mozillaseamonkeyMatch1.1.8

mozillaseamonkeyMatch1.1.9

mozillaseamonkeyMatch1.1.10

mozillaseamonkeyMatch1.1.11

mozillaseamonkeyMatch1.1.12

mozillaseamonkeyMatch1.1.13

mozillaseamonkeyMatch1.1.14

mozillaseamonkeyMatch1.1.15

mozillaseamonkeyMatch1.1.16

mozillaseamonkeyMatch1.1.17

mozillaseamonkeyMatch1.1.18

mozillaseamonkeyMatch1.1.19

mozillaseamonkeyMatch2.0

mozillaseamonkeyMatch2.0alpha_1

mozillaseamonkeyMatch2.0alpha_2

mozillaseamonkeyMatch2.0alpha_3

mozillaseamonkeyMatch2.0beta_1

mozillaseamonkeyMatch2.0beta_2

mozillaseamonkeyMatch2.0rc1

mozillaseamonkeyMatch2.0rc2

mozillaseamonkeyMatch2.0.1

mozillaseamonkeyMatch2.0.2

mozillaseamonkeyMatch2.0.3

Node

mozillafirefoxMatch3.6

mozillafirefoxMatch3.6.2

mozillafirefoxMatch3.6.3

Node

mozillathunderbirdRange≤3.0.4

mozillathunderbirdMatch0.1

mozillathunderbirdMatch0.2

mozillathunderbirdMatch0.3

mozillathunderbirdMatch0.4

mozillathunderbirdMatch0.5

mozillathunderbirdMatch0.6

mozillathunderbirdMatch0.7

mozillathunderbirdMatch0.8

mozillathunderbirdMatch0.9

mozillathunderbirdMatch1.0

mozillathunderbirdMatch1.0.2

mozillathunderbirdMatch1.0.5

mozillathunderbirdMatch1.0.6

mozillathunderbirdMatch1.0.7

mozillathunderbirdMatch1.0.8

mozillathunderbirdMatch1.5

mozillathunderbirdMatch1.5.0.2

mozillathunderbirdMatch1.5.0.4

mozillathunderbirdMatch1.5.0.5

mozillathunderbirdMatch1.5.0.7

mozillathunderbirdMatch1.5.0.8

mozillathunderbirdMatch1.5.0.9

mozillathunderbirdMatch1.5.0.10

mozillathunderbirdMatch1.5.0.12

mozillathunderbirdMatch1.5.0.13

mozillathunderbirdMatch1.5.0.14

mozillathunderbirdMatch2.0.0.0

mozillathunderbirdMatch2.0.0.4

mozillathunderbirdMatch2.0.0.5

mozillathunderbirdMatch2.0.0.6

mozillathunderbirdMatch2.0.0.9

mozillathunderbirdMatch2.0.0.12

mozillathunderbirdMatch2.0.0.14

mozillathunderbirdMatch2.0.0.16

mozillathunderbirdMatch2.0.0.17

mozillathunderbirdMatch2.0.0.18

mozillathunderbirdMatch2.0.0.19

mozillathunderbirdMatch3.0

mozillathunderbirdMatch3.0.1

mozillathunderbirdMatch3.0.2

mozillathunderbirdMatch3.0.3

VendorProductVersionCPE
mozillafirefox3.5cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*
mozillafirefox3.5.1cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*
mozillafirefox3.5.2cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*
mozillafirefox3.5.3cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*
mozillafirefox3.5.4cpe:2.3:a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*
mozillafirefox3.5.5cpe:2.3:a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*
mozillafirefox3.5.6cpe:2.3:a:mozilla:firefox:3.5.6:*:*:*:*:*:*:*
mozillafirefox3.5.7cpe:2.3:a:mozilla:firefox:3.5.7:*:*:*:*:*:*:*
mozillafirefox3.5.9cpe:2.3:a:mozilla:firefox:3.5.9:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	3.5	cpe:2.3:a:mozilla:firefox:3.5:::::::*
mozilla	firefox	3.5.1	cpe:2.3:a:mozilla:firefox:3.5.1:::::::*
mozilla	firefox	3.5.2	cpe:2.3:a:mozilla:firefox:3.5.2:::::::*
mozilla	firefox	3.5.3	cpe:2.3:a:mozilla:firefox:3.5.3:::::::*
mozilla	firefox	3.5.4	cpe:2.3:a:mozilla:firefox:3.5.4:::::::*
mozilla	firefox	3.5.5	cpe:2.3:a:mozilla:firefox:3.5.5:::::::*
mozilla	firefox	3.5.6	cpe:2.3:a:mozilla:firefox:3.5.6:::::::*
mozilla	firefox	3.5.7	cpe:2.3:a:mozilla:firefox:3.5.7:::::::*
mozilla	firefox	3.5.9	cpe:2.3:a:mozilla:firefox:3.5.9:::::::*
mozilla	seamonkey	*	cpe:2.3:a:mozilla:seamonkey::::::::