Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2010-0172
HistoryMar 25, 2010 - 12:00 a.m.

CVE-2010-0172

2010-03-2500:00:00
ubuntu.com
ubuntu.com
19

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.007

Percentile

79.8%

JSON

toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the
asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6
before 3.6.2 does not properly handle concurrent authorization requests
from multiple web sites, which might allow remote web servers to spoof an
authorization dialog and capture credentials by demanding HTTP
authentication in opportunistic circumstances.

Bugs

Related

nvd 1
prion 1
securityvulns 2
cve 1
cvelist 1
seebug 1
mozilla 1
openvas 17
nessus 4
gentoo 1
nvd
nvd
CVE-2010-0172
2010-03-25 21:00:00
prion
prion
Authorization
2010-03-25 21:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-15
2010-04-06 00:00:00
Многочисленные уязвимости в Mozilla Firefox / Seamonkey multiple security vulnerabilities
2013-08-20 00:00:00
cve
cve
CVE-2010-0172
2010-03-25 21:00:00
cvelist
cvelist
CVE-2010-0172
2010-03-25 20:31:00
seebug
seebug
Mozilla Firefox 3.6 异步HTTP授权提示信息泄露漏洞
2010-03-26 00:00:00
mozilla
mozilla
Asynchronous Auth Prompt attaches to wrong window — Mozilla
2010-03-23 00:00:00
openvas
openvas
Firefox Multiple Vulnerabilities (Mar 2010) - Windows
2010-03-30 00:00:00
Firefox Multiple Vulnerabilities Mar-10 (Linux)
2010-03-30 00:00:00
Firefox Multiple Vulnerabilities Mar-10 (Windows)
2010-03-30 00:00:00
nessus
nessus
Mozilla Firefox < 3.6.2 Multiple Vulnerabilities.
2010-03-23 00:00:00
Firefox 3.6.x < 3.6.2 Multiple Vulnerabilities
2010-03-23 00:00:00
Mandriva Linux Security Advisory : firefox (MDVSA-2010:070-1)
2010-04-14 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.007

Percentile

79.8%

JSON
Related for UB:CVE-2010-0172
nvd1prion1securityvulns2cve1cvelist1seebug1mozilla1openvas17nessus4gentoo1