Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-3167

Опубликовано: 07 сент. 2010
Источник: redhat
CVSS2: 6.8

Описание

The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability."

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 3seamonkeyFixedRHSA-2010:068008.09.2010
Red Hat Enterprise Linux 4seamonkeyFixedRHSA-2010:068008.09.2010
Red Hat Enterprise Linux 4firefoxFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 4nsprFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 4nssFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 4thunderbirdFixedRHSA-2010:068208.09.2010
Red Hat Enterprise Linux 5firefoxFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 5nsprFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 5nssFixedRHSA-2010:068108.09.2010

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
https://bugzilla.redhat.com/show_bug.cgi?id=630067Mozilla Dangling pointer vulnerability in nsTreeContentView (MFSA 2010-56)

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-3167

ubuntu
почти 15 лет назад

The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability."

nvd логотип

CVE-2010-3167

nvd
почти 15 лет назад

The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability."

debian логотип

CVE-2010-3167

debian
почти 15 лет назад

The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3. ...

github логотип

GHSA-996j-6q9j-r4xp

github
около 3 лет назад

The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability."

oracle-oval логотип

ELSA-2010-0681

oracle-oval
почти 15 лет назад

ELSA-2010-0681: firefox security update (CRITICAL)

6.8 Medium

CVSS2