Lucene search
Ubuntu.comUB:CVE-2010-3767HistoryDec 09, 2010 - 12:00 a.m.
CVE-2010-3767
2010-12-0900:00:00
ubuntu.com
ubuntu.com
19
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.423
Percentile
97.4%
Integer overflow in the NewIdArray function in Mozilla Firefox before
3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote
attackers to execute arbitrary code via a JavaScript array with many
elements.
Notes
| Author | Note |
|---|---|
| jdstrand | Ubuntu 11.04 (Natty Narwhal) has 4.0b7. Fixes will be in 4.0b8. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | firefox | < 3.6.13+build3+nobinonly-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 10.10 | noarch | firefox | < 3.6.13+build3+nobinonly-0ubuntu0.10.10.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | firefox-3.0 | < 3.6.13+build3+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 9.10 | noarch | firefox-3.5 | < 3.6.13+build3+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | seamonkey | < 2.0.11+build1+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 9.10 | noarch | seamonkey | < 2.0.11+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | seamonkey | < 2.0.11+build1+nobinonly-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 10.10 | noarch | seamonkey | < 2.0.11+build1+nobinonly-0ubuntu0.10.10.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | xulrunner-1.9.2 | < 1.9.2.13+build3+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 9.10 | noarch | xulrunner-1.9.2 | < 1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
Related
zdi
zdi
mozilla
mozilla
Integer overflow vulnerability in NewIdArray — Mozilla
2010-12-09 00:00:00
cve
cve
CVE-2010-3767
2010-12-10 19:00:02
prion
prion
Integer overflow
2010-12-10 19:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:50:53
cvelist
cvelist
CVE-2010-3767
2010-12-10 18:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-81
2010-12-10 00:00:00
Mozilla Firefox / Thinderbird / Seamonkey multiple security vulnerabilities
2010-12-10 00:00:00
nvd
nvd
CVE-2010-3767
2010-12-10 19:00:02
oraclelinux
oraclelinux
thunderbird security update
2010-12-10 00:00:00
seamonkey security update
2010-12-10 00:00:00
firefox security update
2010-12-10 00:00:00
nessus
nessus
RHEL 4 / 5 : thunderbird (RHSA-2010:0968)
2010-12-10 00:00:00
CentOS 4 : thunderbird (CESA-2010:0968)
2011-01-28 00:00:00
Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
centos
centos
thunderbird security update
2011-01-27 08:58:08
seamonkey security update
2011-01-27 08:55:30
firefox security update
2011-01-27 08:53:21
openvas
openvas
CentOS Update for thunderbird CESA-2010:0968 centos4 x86_64
2012-07-30 00:00:00
RedHat Update for thunderbird RHSA-2010:0968-01
2010-12-23 00:00:00
CentOS Update for thunderbird CESA-2010:0968 centos4 i386
2011-01-31 00:00:00
redhat
redhat
(RHSA-2010:0968) Moderate: thunderbird security update
2010-12-09 00:00:00
(RHSA-2010:0967) Critical: seamonkey security update
2010-12-09 00:00:00
(RHSA-2010:0966) Critical: firefox security update
2010-12-09 00:00:00
debian
debian
[SECURITY] [DSA 2132-1] New xulrunner packages fix several vulnerabilities
2010-12-11 12:03:17
[BSA-013] Security Update for iceweasel
2011-01-02 19:45:28
osv
osv
xulrunner - several vulnerabilities
2010-12-11 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: firefox-3.6.13-1.fc13
2010-12-10 20:25:42
[SECURITY] Fedora 14 Update: gnome-python2-extras-2.25.3-26.fc14.1
2010-12-10 20:27:49
[SECURITY] Fedora 14 Update: gnome-web-photo-0.9-16.fc14.1
2010-12-10 20:27:49
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2010-12-09 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-12-09 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2011-01-05 11:25:44
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.423
Percentile
97.4%
Related for UB:CVE-2010-3767