Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2010-3774

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 10 Π΄Π΅ΠΊ. 2010
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: medium
EPSS Низкий
CVSS2: 4.3

ОписаниС

The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle (1) about:neterror and (2) about:certerror pages, which allows remote attackers to spoof the location bar via a crafted web site.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
dapper

ignored

end of life
devel

released

4.0~b8+nobinonly-0ubuntu3
hardy

ignored

end of life
karmic

DNE

lucid

released

3.6.13+build3+nobinonly-0ubuntu0.10.04.1
maverick

released

3.6.13+build3+nobinonly-0ubuntu0.10.10.1
upstream

released

3.6.13

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
dapper

DNE

devel

DNE

hardy

released

3.6.13+build3+nobinonly-0ubuntu0.8.04.1
karmic

DNE

lucid

DNE

maverick

DNE

upstream

needs-triage

Ubuntu source uses 3.6.x

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
dapper

DNE

devel

DNE

hardy

DNE

karmic

released

3.6.13+build3+nobinonly-0ubuntu0.9.10.1
lucid

DNE

maverick

DNE

upstream

needs-triage

Ubuntu source uses 3.6.x

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
dapper

DNE

devel

released

2.0.11+build1+nobinonly-0ubuntu1
hardy

released

2.0.11+build1+nobinonly-0ubuntu0.8.04.1
karmic

released

2.0.11+build1+nobinonly-0ubuntu0.9.10.1
lucid

released

2.0.11+build1+nobinonly-0ubuntu0.10.04.1
maverick

released

2.0.11+build1+nobinonly-0ubuntu0.10.10.1
upstream

released

2.0.11

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
dapper

DNE

devel

released

1.9.2.13+build3+nobinonly-0ubuntu1
hardy

released

1.9.2.13+build3+nobinonly-0ubuntu0.8.04.1
karmic

released

1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1
lucid

released

1.9.2.13+build3+nobinonly-0ubuntu0.10.04.1
maverick

released

1.9.2.13+build3+nobinonly-0ubuntu0.10.10.1
upstream

needs-triage

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 78%
0.01165
Низкий

4.3 Medium

CVSS2

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2010-3774

redhat
большС 14 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle (1) about:neterror and (2) about:certerror pages, which allows remote attackers to spoof the location bar via a crafted web site.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2010-3774

nvd
большС 14 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle (1) about:neterror and (2) about:certerror pages, which allows remote attackers to spoof the location bar via a crafted web site.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2010-3774

debian
большС 14 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-g9p5-q9ww-v8w9

github
ΠΎΠΊΠΎΠ»ΠΎ 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle (1) about:neterror and (2) about:certerror pages, which allows remote attackers to spoof the location bar via a crafted web site.

oracle-oval Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

ELSA-2010-0966

oracle-oval
большС 14 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

ELSA-2010-0966: firefox security update (CRITICAL)

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 78%
0.01165
Низкий

4.3 Medium

CVSS2

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2010-3774