Lucene search
Ubuntu.comUB:CVE-2010-3804HistoryNov 22, 2010 - 12:00 a.m.
CVE-2010-3804
2010-11-2200:00:00
ubuntu.com
ubuntu.com
11
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.021
Percentile
89.1%
The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac
OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses
a weak algorithm for generating values of random numbers, which makes it
easier for remote attackers to track a user by predicting a value, a
related issue to CVE-2008-5913 and CVE-2010-3171.
Notes
| Author | Note |
|---|---|
| jdstrand | qt4-x11 unmaintained upstream (see README.webkit for details) |
Related
cve
cve
nvd
nvd
cvelist
cvelist
prion
prion
Sql injection
2010-11-22 13:00:00
Code injection
2010-09-15 20:00:00
Session fixation
2009-01-20 16:30:00
ubuntucve
ubuntucve
mozilla
mozilla
User tracking across sites using Math.random() β Mozilla
2010-06-22 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-33
2010-06-25 00:00:00
New writeup by Amit Klein (Trusteer): "Cross-domain information leakage in Firefox 3.6.4-3.6.8, Firefox 3.5.10-3.5.11 and Firefox 4.0 Beta1"
2010-09-16 00:00:00
Mozilla Firefox / Seamonkey multiple security vulnerabilities
2010-06-25 00:00:00
veracode
veracode
Insecure Randomness
2020-04-10 00:43:41
nessus
nessus
RHEL 4 : seamonkey (Unpatched Vulnerability)
2024-06-03 00:00:00
Mozilla Firefox 3.6.x < 3.6.9 Multiple Vulnerabilities
2010-09-08 00:00:00
Firefox 3.6.x < 3.6.9 Multiple Vulnerabilities
2010-09-08 00:00:00
openvas
openvas
Firefox Information Disclosure Vulnerability Jan09 (Windows)
2009-01-28 00:00:00
Firefox Information Disclosure Vulnerability (Jan 2009) - Windows
2009-01-28 00:00:00
Mozilla Firefox Information Disclosure Vulnerability (Windows)
2010-09-21 00:00:00
exploitdb
exploitdb
WebKit - Insufficient Entropy Random Number Generator (2)
2010-11-18 00:00:00
WebKit - Insufficient Entropy Random Number Generator (1)
2010-11-18 00:00:00
seebug
seebug
Firefox JavaScriptεΌζMath.Random()θ·¨εδΏ‘ζ―ζ³ι²ζΌζ΄
2010-06-28 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: xulrunner-1.9.2.4-1.fc13
2010-06-24 16:31:49
[SECURITY] Fedora 13 Update: perl-Gtk2-MozEmbed-0.08-6.fc13.14
2010-06-24 16:31:49
[SECURITY] Fedora 13 Update: gnome-python2-extras-2.25.3-19.fc13
2010-06-24 16:31:49
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2010-06-29 00:00:00
Firefox regression
2010-06-30 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-06-22 00:00:00
suse
suse
remote code execution in MozillaFirefox,mozilla-xulrunner191
2010-07-09 14:53:59
oraclelinux
oraclelinux
firefox security, bug fix, and enhancement update
2010-06-23 00:00:00
firefox security, bug fix, and enhancement update
2010-06-23 00:00:00
centos
centos
firefox security update
2010-08-06 23:15:15
devhelp, esc, firefox, gnome, totem, xulrunner, yelp security update
2010-06-24 16:14:16
redhat
redhat
(RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update
2010-06-22 00:00:00
(RHSA-2010:0500) Critical: firefox security, bug fix, and enhancement update
2010-06-22 00:00:00
debian
debian
[Backports-security-announce] Security Update for xulrunner
2010-07-01 11:48:42
[Backports-security-announce] Security Update for xulrunner
2010-07-01 11:54:27
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.021
Percentile
89.1%
Related for UB:CVE-2010-3804