Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2010-3771

Опубликовано: 10 дек. 2010
Источник: ubuntu
Приоритет: high
EPSS Низкий
CVSS2: 6.8

Описание

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI.

РелизСтатусПримечание
dapper

ignored

end of life
devel

released

4.0~b8+nobinonly-0ubuntu3
hardy

ignored

end of life
karmic

DNE

lucid

released

3.6.13+build3+nobinonly-0ubuntu0.10.04.1
maverick

released

3.6.13+build3+nobinonly-0ubuntu0.10.10.1
upstream

released

3.6.13

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

released

3.6.13+build3+nobinonly-0ubuntu0.8.04.1
karmic

DNE

lucid

DNE

maverick

DNE

upstream

needs-triage

Ubuntu source uses 3.6.x

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

DNE

karmic

released

3.6.13+build3+nobinonly-0ubuntu0.9.10.1
lucid

DNE

maverick

DNE

upstream

needs-triage

Ubuntu source uses 3.6.x

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

2.0.11+build1+nobinonly-0ubuntu1
hardy

released

2.0.11+build1+nobinonly-0ubuntu0.8.04.1
karmic

released

2.0.11+build1+nobinonly-0ubuntu0.9.10.1
lucid

released

2.0.11+build1+nobinonly-0ubuntu0.10.04.1
maverick

released

2.0.11+build1+nobinonly-0ubuntu0.10.10.1
upstream

released

2.0.11

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.9.2.13+build3+nobinonly-0ubuntu1
hardy

released

1.9.2.13+build3+nobinonly-0ubuntu0.8.04.1
karmic

released

1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1
lucid

released

1.9.2.13+build3+nobinonly-0ubuntu0.10.04.1
maverick

released

1.9.2.13+build3+nobinonly-0ubuntu0.10.10.1
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 84%
0.02236
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2010-3771

redhat
больше 14 лет назад

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI.

nvd логотип

CVE-2010-3771

nvd
больше 14 лет назад

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI.

debian логотип

CVE-2010-3771

debian
больше 14 лет назад

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey b ...

github логотип

GHSA-w2c5-5mgc-qjcf

github
около 3 лет назад

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI.

oracle-oval логотип

ELSA-2010-0966

oracle-oval
больше 14 лет назад

ELSA-2010-0966: firefox security update (CRITICAL)

EPSS

Процентиль: 84%
0.02236
Низкий

6.8 Medium

CVSS2