Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-3168

Опубликовано: 07 сент. 2010
Источник: redhat
CVSS2: 6.8
EPSS Низкий

Описание

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 3seamonkeyFixedRHSA-2010:068008.09.2010
Red Hat Enterprise Linux 4seamonkeyFixedRHSA-2010:068008.09.2010
Red Hat Enterprise Linux 4firefoxFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 4nsprFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 4nssFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 4thunderbirdFixedRHSA-2010:068208.09.2010
Red Hat Enterprise Linux 5firefoxFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 5nsprFixedRHSA-2010:068108.09.2010
Red Hat Enterprise Linux 5nssFixedRHSA-2010:068108.09.2010

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
https://bugzilla.redhat.com/show_bug.cgi?id=630064Mozilla XUL tree removal crash and remote code execution (MFSA 2010-55)

EPSS

Процентиль: 89%
0.04835
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-3168

ubuntu
почти 15 лет назад

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.

nvd логотип

CVE-2010-3168

nvd
почти 15 лет назад

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.

debian логотип

CVE-2010-3168

debian
почти 15 лет назад

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird befo ...

github логотип

GHSA-77mq-xmv8-43x5

github
около 3 лет назад

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.

oracle-oval логотип

ELSA-2010-0681

oracle-oval
почти 15 лет назад

ELSA-2010-0681: firefox security update (CRITICAL)

EPSS

Процентиль: 89%
0.04835
Низкий

6.8 Medium

CVSS2