Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2010-3182

Опубликовано: 21 окт. 2010
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 6.9

Описание

A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

РелизСтатусПримечание
dapper

ignored

end of life
devel

released

3.6.11+build3+nobinonly-0ubuntu0.10.10.1
hardy

ignored

end of life
jaunty

DNE

karmic

DNE

lucid

released

3.6.11+build3+nobinonly-0ubuntu0.10.04.1
maverick

released

3.6.11+build3+nobinonly-0ubuntu0.10.10.1
natty

released

3.6.11+build3+nobinonly-0ubuntu0.10.10.1
upstream

released

3.6.11

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

released

3.6.11+build3+nobinonly-0ubuntu0.8.04.1
jaunty

released

3.6.11+build3+nobinonly-0ubuntu0.9.04.1
karmic

DNE

lucid

DNE

maverick

DNE

natty

DNE

upstream

needs-triage

Ubuntu source uses 3.6.x

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

DNE

jaunty

released

3.5.14+build3+nobinonly-0ubuntu0.9.04.1
karmic

released

3.6.11+build3+nobinonly-0ubuntu0.9.10.1
lucid

DNE

maverick

DNE

natty

DNE

upstream

needs-triage

Ubuntu source uses 3.6.x

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

2.0.9+build1+nobinonly-0ubuntu0.10.10.1
hardy

released

2.0.9+build1+nobinonly-0ubuntu0.8.04.1
jaunty

released

2.0.9+build1+nobinonly-0ubuntu0.9.04.1
karmic

released

2.0.9+build1+nobinonly-0ubuntu0.9.10.1
lucid

released

2.0.9+build1+nobinonly-0ubuntu0.10.04.1
maverick

released

2.0.9+build1+nobinonly-0ubuntu0.10.10.1
natty

released

2.0.9+build1+nobinonly-0ubuntu0.10.10.1
upstream

released

2.0.9

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

3.1.5+build1+nobinonly-0ubuntu0.10.10.1
hardy

ignored

end of life
jaunty

ignored

end of life
karmic

ignored

end of life
lucid

released

3.0.9+build1+nobinonly-0ubuntu0.10.04.1
maverick

released

3.1.5+build1+nobinonly-0ubuntu0.10.10.1
natty

released

3.1.5+build1+nobinonly-0ubuntu0.10.10.1
upstream

released

3.0.9, 3.1.5

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

DNE

jaunty

released

1.9.1.14+build4+nobinonly-0ubuntu0.9.04.1
karmic

released

1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1
lucid

DNE

maverick

DNE

natty

DNE

upstream

released

1.9.1.14

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1
hardy

released

1.9.2.11+build3+nobinonly-0ubuntu0.8.04.1
jaunty

released

1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1
karmic

released

1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1
lucid

released

1.9.2.11+build3+nobinonly-0ubuntu0.10.04.1
maverick

released

1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1
natty

released

1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1
upstream

released

1.9.2.11

Показывать по

Ссылки на источники

EPSS

Процентиль: 24%
0.00078
Низкий

6.9 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2010-3182

redhat
около 15 лет назад

A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

nvd логотип

CVE-2010-3182

nvd
около 15 лет назад

A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

debian логотип

CVE-2010-3182

debian
около 15 лет назад

A certain application-launch script in Mozilla Firefox before 3.5.14 a ...

github логотип

GHSA-j62p-q592-cjfv

github
больше 3 лет назад

A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

oracle-oval логотип

ELSA-2010-0782

oracle-oval
около 15 лет назад

ELSA-2010-0782: firefox security update (CRITICAL)

EPSS

Процентиль: 24%
0.00078
Низкий

6.9 Medium

CVSS2

Уязвимость CVE-2010-3182