Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2010-3768

Опубликовано: 10 дек. 2010
Источник: debian
EPSS Низкий

Описание

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
xulrunnerremovedpackage
xulrunnernot-affectedlennypackage
icedovefixed3.0.11-1package
iceweaselfixed3.5.16-1package
iceweaselnot-affectedlennypackage
iceapefixed2.0.11-1package
iceapenot-affectedlennypackage

Примечания

  • xulrunner in wheezy is not covered by security support

EPSS

Процентиль: 91%
0.06823
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2010-3768

ubuntu
больше 14 лет назад

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.

redhat логотип

CVE-2010-3768

redhat
больше 14 лет назад

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.

nvd логотип

CVE-2010-3768

nvd
больше 14 лет назад

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.

github логотип

GHSA-qrwh-98p4-jg32

github
около 3 лет назад

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.

oracle-oval логотип

ELSA-2010-0969

oracle-oval
больше 14 лет назад

ELSA-2010-0969: thunderbird security update (MODERATE)

EPSS

Процентиль: 91%
0.06823
Низкий