Lucene search
RootSSV:19336HistoryMar 24, 2010 - 12:00 a.m.
Mozilla Firefox 3.6 libpr0n库远程代码执行漏洞
2010-03-2400:00:00
Root
www.seebug.org
18
EPSS
0.072
Percentile
94.1%
CVE ID: CVE-2010-0164
Firefox是一款流行的开源WEB浏览器。
Firefox中负责处理图形缓存和动画的libpr0n库处理通过multipart/x-mixed-replace mime从服务器所接收的动画的方式存在远程代码执行漏洞。在bits-per-pixel发生了更改的情况下,应用会释放指针然后重新使用已释放的指针,这可能导致可利用的情况。
Mozilla Firefox 3.6
厂商补丁:
Mozilla
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
zdi
zdi
cvelist
cvelist
CVE-2010-0164
2010-03-25 20:31:00
securityvulns
securityvulns
nvd
nvd
CVE-2010-0164
2010-03-25 21:00:00
prion
prion
Design/Logic Flaw
2010-03-25 21:00:00
mozilla
mozilla
Deleted frame reuse in multipart/x-mixed-replace image — Mozilla
2010-03-23 00:00:00
ubuntucve
ubuntucve
CVE-2010-0164
2010-03-25 00:00:00
cve
cve
CVE-2010-0164
2010-03-25 21:00:00
openvas
openvas
Firefox Multiple Vulnerabilities (Mar 2010) - Windows
2010-03-30 00:00:00
Firefox Multiple Vulnerabilities Mar-10 (Linux)
2010-03-30 00:00:00
Firefox Multiple Vulnerabilities Mar-10 (Windows)
2010-03-30 00:00:00
nessus
nessus
Mozilla Firefox < 3.6.2 Multiple Vulnerabilities.
2010-03-23 00:00:00
Firefox 3.6.x < 3.6.2 Multiple Vulnerabilities
2010-03-23 00:00:00
Mandriva Linux Security Advisory : firefox (MDVSA-2010:070-1)
2010-04-14 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00