CVSS: 9.3EPSS: 3%CPEs: 6EXPL: 0CVE-2010-1212 – Mozilla miscellaneous memory safety hazards
https://notcve.org/view.php?id=CVE-2010-1212
js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) propagation of deep aborts in the TraceRecorder::record_JSOP_BINDNAME function, (2) depth handling in the TraceRecorder::record_JSOP_GETELEM function, and (3) tracing of out-of-range arguments in the TraceRecorder::record_JSOP_ARGSUB function. js/src/jstracer.cpp en el motor del navegador en Mozilla Firefox v3.6.x anteriores a la v3.6.7 y Thunderbird v3.1.x anteriores a la v3.1.1 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código de su elección a través de vectores de ataque relacionados con (1) la propagación de cancelaciones en profundidad en la función TraceRecorder::record_JSOP_BINDNAME, (2) el manejo en profundidad en la función TraceRecorder::record_JSOP_GETELEM, y (3) el registro de argumentos fuera de rango en la función TraceRecorder::record_JSOP_ARGSUB. • http://www.mozilla.org/security/announce/2010/mfsa2010-34.html https://bugzilla.mozilla.org/show_bug.cgi?id=530955 https://bugzilla.mozilla.org/show_bug.cgi?id=558618 https://bugzilla.mozilla.org/show_bug.cgi?id=568855 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11771 https://access.redhat.com/security/cve/CVE-2010-1212 https://bugzilla.redhat.com/show_bug.cgi?id=615456 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 6%CPEs: 72EXPL: 0CVE-2010-1211 – Mozilla miscellaneous memory safety hazards
https://notcve.org/view.php?id=CVE-2010-1211
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Multiples vulnerabilidades sin especificar en el motor de navegación de Mozilla Firefox v3.5.x anteriores a la v3.5.11 y v3.6.x anteriores a la v3.6.7, Thunderbird v3.0.x anteriores a la v3.0.6 y v3.1.x anteriores a la v3.1.1, y SeaMonkey en versiones anteriores a la v2.0.6. Permiten a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código de su elección a través de vectores de ataque sin especificar. • http://www.mozilla.org/security/announce/2010/mfsa2010-34.html https://bugzilla.mozilla.org/show_bug.cgi?id=507775 https://bugzilla.mozilla.org/show_bug.cgi?id=528644 https://bugzilla.mozilla.org/show_bug.cgi?id=529087 https://bugzilla.mozilla.org/show_bug.cgi?id=535926 https://bugzilla.mozilla.org/show_bug.cgi? •
CVSS: 5.1EPSS: 0%CPEs: 72EXPL: 0CVE-2010-2754 – Mozilla Cross-origin data leakage from script filename in error messages
https://notcve.org/view.php?id=CVE-2010-2754
dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. dom/base/nsJSEnvironment.cpp en Mozilla Firefox v3.5.x anteriores a v3.5.11 y v3.6.x anteriores a v3.6.7, Thunderbird v3.0.x anteriores a v3.0.6 y v3.1.x anteriores a v3.1.1, y SeaMonkey anteriores a v2.0.6 no suprimen apropiadamente una URL de script en ciertas circunstancias que involucran una redirección y un mensaje de error, lo que permite a atacantes remotos obtener información confidencial sobre parámetros de script a través de un documento HTML modificdo, relacionado con el manejador window.onerror. • http://www.mozilla.org/security/announce/2010/mfsa2010-47.html https://bugzilla.mozilla.org/show_bug.cgi?id=568564 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11770 https://access.redhat.com/security/cve/CVE-2010-2754 https://bugzilla.redhat.com/show_bug.cgi?id=615488 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 13%CPEs: 14EXPL: 1CVE-2010-2753 – Mozilla Firefox nsTreeSelection Dangling Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-2753
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free. Un desbordamiento de enteros en Firefox versiones 3.5.x anteriores a 3.5.11 y versiones 3.6.x anteriores a 3.6.7, Thunderbird versiones 3.0.x anteriores a 3.0.6 y versiones 3.1.x anteriores a 3.1.1, y SeaMonkey anterior a versión 2.0.6, de Mozilla, permite a atacantes remotos ejecutar código arbitrario por medio de un atributo de selección grande en un elemento del árbol XUL, lo que desencadena un uso de la memoria previamente liberada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of XUL <tree> element's "selection" attribute. There is an integer overflow when calculating the bounds of a new selection range. • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html http://www.mozilla.org/security/announce/2010/mfsa2010-40.html http://www.securityfocus.com/archive/1/512510 http://www.securityfocus.com/bid/41853 http://www.zerodayinitiative.com/advisories/ZDI-10-131 https://bugzilla.mozilla.org/show_bug.cgi?id=571106 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10958 https://access.redhat.com/security/cve/CVE-2010-2753 https://bugzilla • CWE-190: Integer Overflow or Wraparound CWE-416: Use After Free •
CVSS: 10.0EPSS: 79%CPEs: 72EXPL: 1CVE-2010-2752 – Mozilla Firefox CSS font-face Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-2752
Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers. Un desbordamiento de enteros en una clase de matriz en Firefox versiones 3.5.x anteriores a 3.5.11 y versiones 3.6.x anteriores a 3.6.7, Thunderbird versiones 3.0.x anteriores a 3.0.6 y versiones 3.1.x anteriores a 3.1.1, y SeaMonkey anterior a versión 2.0.6, de Mozilla, permite a los atacantes remotos ejecutar código arbitrario mediante la colocación de muchos valores de Cascading Style Sheets (CSS) en una matriz, relacionada con referencias a recursos de fuente externa y una inconsistencia entre enteros de 16 bits y 32 bits. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling of references to external font resources. A value is used as a 16 bit integer in an array allocation and later as 32 bit when iterating over and then populating these fields. • https://www.exploit-db.com/exploits/15104 http://www.mozilla.org/security/announce/2010/mfsa2010-39.html http://www.securityfocus.com/archive/1/512514 http://www.securityfocus.com/bid/41852 http://www.zerodayinitiative.com/advisories/ZDI-10-133 https://bugzilla.mozilla.org/show_bug.cgi?id=574059 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11680 https://access.redhat.com/security/cve/CVE-2010-2752 https://bugzilla.redhat.com/show_bug.cgi? • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •