Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2010-3168

Опубликовано: 09 сент. 2010
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 9.3

Описание

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.

РелизСтатусПримечание
dapper

ignored

end of life
devel

released

3.6.9+build1+nobinonly-0ubuntu1
hardy

ignored

end of life
jaunty

DNE

karmic

DNE

lucid

released

3.6.9+build1+nobinonly-0ubuntu0.10.04.1
maverick

released

3.6.9+build1+nobinonly-0ubuntu1
natty

released

3.6.9+build1+nobinonly-0ubuntu1
upstream

released

3.6.9

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

released

3.6.9+build1+nobinonly-0ubuntu0.8.04.1
jaunty

released

3.6.9+build1+nobinonly-0ubuntu0.9.04.1
karmic

DNE

lucid

DNE

maverick

DNE

natty

DNE

upstream

needs-triage

Ubuntu source uses 3.6.x

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

DNE

jaunty

released

3.5.12+build1+nobinonly-0ubuntu0.9.04.1
karmic

released

3.6.9+build1+nobinonly-0ubuntu0.9.10.2
lucid

DNE

maverick

DNE

natty

DNE

upstream

needs-triage

Ubuntu source uses 3.6.x

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

2.0.7+build1+nobinonly-0ubuntu1
hardy

released

2.0.8+build1+nobinonly-0ubuntu0.8.04.1
jaunty

released

2.0.8+build1+nobinonly-0ubuntu0.9.04.1
karmic

released

2.0.8+build1+nobinonly-0ubuntu0.9.10.1
lucid

released

2.0.7+build1+nobinonly-0ubuntu0.10.04.1
maverick

released

2.0.7+build1+nobinonly-0ubuntu1
natty

released

2.0.7+build1+nobinonly-0ubuntu1
upstream

released

2.0.7

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

3.1.3+build1+nobinonly-0ubuntu1
hardy

ignored

end of life
jaunty

ignored

end of life
karmic

ignored

end of life
lucid

released

3.0.7+build1+nobinonly-0ubuntu0.10.04.1
maverick

released

3.1.3+build1+nobinonly-0ubuntu1
natty

released

3.1.3+build1+nobinonly-0ubuntu1
upstream

released

3.0.7, 3.1.3

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

DNE

jaunty

released

1.9.1.12+build1+nobinonly-0ubuntu0.9.04.1
karmic

released

1.9.1.12+build1+nobinonly-0ubuntu0.9.10.2
lucid

DNE

maverick

DNE

natty

DNE

upstream

released

1.9.1.12

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.9.2.9+build1+nobinonly-0ubuntu1
hardy

released

1.9.2.9+build1+nobinonly-0ubuntu0.8.04.1
jaunty

released

1.9.2.9+build1+nobinonly-0ubuntu0.9.04.1
karmic

released

1.9.2.9+build1+nobinonly-0ubuntu0.9.10.1
lucid

released

1.9.2.9+build1+nobinonly-0ubuntu0.10.04.1
maverick

released

1.9.2.9+build1+nobinonly-0ubuntu1
natty

released

1.9.2.9+build1+nobinonly-0ubuntu1
upstream

released

1.9.2.9

Показывать по

Ссылки на источники

EPSS

Процентиль: 89%
0.05036
Низкий

9.3 Critical

CVSS2

Связанные уязвимости

redhat логотип

CVE-2010-3168

redhat
около 15 лет назад

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.

nvd логотип

CVE-2010-3168

nvd
около 15 лет назад

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.

debian логотип

CVE-2010-3168

debian
около 15 лет назад

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird befo ...

github логотип

GHSA-77mq-xmv8-43x5

github
больше 3 лет назад

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.

oracle-oval логотип

ELSA-2010-0681

oracle-oval
около 15 лет назад

ELSA-2010-0681: firefox security update (CRITICAL)

EPSS

Процентиль: 89%
0.05036
Низкий

9.3 Critical

CVSS2