Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-0177

Опубликовано: 30 мар. 2010
Источник: redhat
CVSS2: 6.8
EPSS Низкий

Описание

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability."

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux Extended Update Support 4.8seamonkeyAffected
Red Hat Enterprise Linux 3seamonkeyFixedRHSA-2010:033330.03.2010
Red Hat Enterprise Linux 4firefoxFixedRHSA-2010:033230.03.2010
Red Hat Enterprise Linux 4seamonkeyFixedRHSA-2010:033330.03.2010
Red Hat Enterprise Linux 4thunderbirdFixedRHSA-2010:054421.07.2010
Red Hat Enterprise Linux 5firefoxFixedRHSA-2010:033230.03.2010
Red Hat Enterprise Linux 5xulrunnerFixedRHSA-2010:033230.03.2010
Red Hat Enterprise Linux 5thunderbirdFixedRHSA-2010:054521.07.2010

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
https://bugzilla.redhat.com/show_bug.cgi?id=578152Mozilla Dangling pointer vulnerability in nsPluginArray

EPSS

Процентиль: 91%
0.07324
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-0177

ubuntu
около 15 лет назад

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability."

nvd логотип

CVE-2010-0177

nvd
около 15 лет назад

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability."

debian логотип

CVE-2010-0177

debian
около 15 лет назад

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3. ...

github логотип

GHSA-g4x4-8fj2-6pwg

github
около 3 лет назад

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability."

oracle-oval логотип

ELSA-2010-0332

oracle-oval
около 15 лет назад

ELSA-2010-0332: firefox security update (CRITICAL)

EPSS

Процентиль: 91%
0.07324
Низкий

6.8 Medium

CVSS2