Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2010-2764

Опубликовано: 09 сент. 2010
Источник: debian
EPSS Низкий

Описание

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
xulrunnerremovedpackage
iceweaselfixed3.5.12-1package
iceweaselnot-affectedlennypackage
xulrunnernot-affectedlennypackage
icedovefixed3.0.7-1package
icedovenot-affectedlennypackage
iceapefixed2.0.7-1package
iceapenot-affectedlennypackage

Примечания

  • xulrunner in wheezy is not covered by security support

EPSS

Процентиль: 78%
0.01176
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2010-2764

ubuntu
почти 15 лет назад

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.

redhat логотип

CVE-2010-2764

redhat
почти 15 лет назад

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.

nvd логотип

CVE-2010-2764

nvd
почти 15 лет назад

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.

github логотип

GHSA-8hxp-g3r8-hhm2

github
около 3 лет назад

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.

oracle-oval логотип

ELSA-2010-0681

oracle-oval
почти 15 лет назад

ELSA-2010-0681: firefox security update (CRITICAL)

EPSS

Процентиль: 78%
0.01176
Низкий