Lucene search
RegenrechtZDI-10-265HistoryDec 09, 2010 - 12:00 a.m.
Mozilla Firefox NewIdArray Integer Overflow Remote Code Execution Vulnerability
2010-12-0900:00:00
regenrecht
www.zerodayinitiative.com
24
EPSS
0.423
Percentile
97.4%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Firefox’s management of the JSSLOT_ARRAY_COUNT annotation. This value represents the number of items filled within a given Array object. If an attacker creates an array to a high enough value, an initialization routine can be made to mis-allocate a buffer. This can be abused by an attacker to corrupt memory and subsequently execute arbitrary code under the context of the user running the browser.
Related
ubuntucve
ubuntucve
CVE-2010-3767
2010-12-09 00:00:00
mozilla
mozilla
Integer overflow vulnerability in NewIdArray — Mozilla
2010-12-09 00:00:00
cve
cve
CVE-2010-3767
2010-12-10 19:00:02
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:50:53
cvelist
cvelist
CVE-2010-3767
2010-12-10 18:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-81
2010-12-10 00:00:00
Mozilla Firefox / Thinderbird / Seamonkey multiple security vulnerabilities
2010-12-10 00:00:00
prion
prion
Integer overflow
2010-12-10 19:00:00
nvd
nvd
CVE-2010-3767
2010-12-10 19:00:02
oraclelinux
oraclelinux
thunderbird security update
2010-12-10 00:00:00
seamonkey security update
2010-12-10 00:00:00
firefox security update
2010-12-10 00:00:00
nessus
nessus
RHEL 4 / 5 : thunderbird (RHSA-2010:0968)
2010-12-10 00:00:00
Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
Oracle Linux 4 : thunderbird (ELSA-2010-0968)
2013-07-12 00:00:00
centos
centos
thunderbird security update
2011-01-27 08:58:08
seamonkey security update
2011-01-27 08:55:30
firefox security update
2011-01-27 08:53:21
openvas
openvas
CentOS Update for thunderbird CESA-2010:0968 centos4 x86_64
2012-07-30 00:00:00
CentOS Update for thunderbird CESA-2010:0968 centos4 i386
2011-01-31 00:00:00
RedHat Update for thunderbird RHSA-2010:0968-01
2010-12-23 00:00:00
redhat
redhat
(RHSA-2010:0968) Moderate: thunderbird security update
2010-12-09 00:00:00
(RHSA-2010:0967) Critical: seamonkey security update
2010-12-09 00:00:00
(RHSA-2010:0966) Critical: firefox security update
2010-12-09 00:00:00
debian
debian
[SECURITY] [DSA 2132-1] New xulrunner packages fix several vulnerabilities
2010-12-11 12:03:17
[BSA-013] Security Update for iceweasel
2011-01-02 19:45:28
osv
osv
xulrunner - several vulnerabilities
2010-12-11 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: firefox-3.6.13-1.fc13
2010-12-10 20:25:42
[SECURITY] Fedora 14 Update: gnome-python2-extras-2.25.3-26.fc14.1
2010-12-10 20:27:49
[SECURITY] Fedora 14 Update: gnome-web-photo-0.9-16.fc14.1
2010-12-10 20:27:49
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2010-12-09 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-12-09 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2011-01-05 11:25:44
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00