Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-1196

Опубликовано: 22 июн. 2010
Источник: redhat
CVSS2: 6.8

Описание

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 4firefoxFixedRHSA-2010:050022.06.2010
Red Hat Enterprise Linux 5devhelpFixedRHSA-2010:050122.06.2010
Red Hat Enterprise Linux 5escFixedRHSA-2010:050122.06.2010
Red Hat Enterprise Linux 5firefoxFixedRHSA-2010:050122.06.2010
Red Hat Enterprise Linux 5gnome-python2-extrasFixedRHSA-2010:050122.06.2010
Red Hat Enterprise Linux 5totemFixedRHSA-2010:050122.06.2010
Red Hat Enterprise Linux 5xulrunnerFixedRHSA-2010:050122.06.2010
Red Hat Enterprise Linux 5yelpFixedRHSA-2010:050122.06.2010

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=590830nsGenericDOMDataNode:: SetTextInternal

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-1196

ubuntu
почти 15 лет назад

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.

nvd логотип

CVE-2010-1196

nvd
почти 15 лет назад

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.

debian логотип

CVE-2010-1196

debian
почти 15 лет назад

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function ...

github логотип

GHSA-9h7f-qfpr-g776

github
около 3 лет назад

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.

oracle-oval логотип

ELSA-2010-0501

oracle-oval
почти 15 лет назад

ELSA-2010-0501: firefox security, bug fix, and enhancement update (CRITICAL)

6.8 Medium

CVSS2