Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-2760

Опубликовано: 07 сент. 2010
Источник: redhat
CVSS2: 6.8
EPSS Низкий

Описание

Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a "dangling pointer vulnerability." NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 3seamonkeyFixedRHSA-2010:068008.09.2010
Red Hat Enterprise Linux 4seamonkeyFixedRHSA-2010:068008.09.2010
Red Hat Enterprise Linux 4firefoxFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 4nsprFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 4nssFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 4thunderbirdFixedRHSA-2010:068208.09.2010
Red Hat Enterprise Linux 5firefoxFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 5nsprFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 5nssFixedRHSA-2010:068108.09.2010

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
https://bugzilla.redhat.com/show_bug.cgi?id=630062Mozilla Dangling pointer vulnerability in nsTreeSelection (MFSA 2010-54)

EPSS

Процентиль: 88%
0.03996
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-2760

ubuntu
почти 15 лет назад

Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a "dangling pointer vulnerability." NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.

nvd логотип

CVE-2010-2760

nvd
почти 15 лет назад

Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a "dangling pointer vulnerability." NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.

debian логотип

CVE-2010-2760

debian
почти 15 лет назад

Use-after-free vulnerability in the nsTreeSelection function in Mozill ...

github логотип

GHSA-vfwv-gjcf-p528

github
около 3 лет назад

Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a "dangling pointer vulnerability." NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.

oracle-oval логотип

ELSA-2010-0681

oracle-oval
почти 15 лет назад

ELSA-2010-0681: firefox security update (CRITICAL)

EPSS

Процентиль: 88%
0.03996
Низкий

6.8 Medium

CVSS2