CVSS: 5.1EPSS: 0%CPEs: 191EXPL: 0CVE-2010-1210 – Mozilla Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish
https://notcve.org/view.php?id=CVE-2010-1210
intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text. intl/uconv/util/nsUnicodeDecodeHelper.cpp en Mozilla Firefox en versiones anteriores a la v3.6.7 y Thunderbird en anteriores a la v3.1.1 inserta una secuencia U+FFFD en texto en determinadas circunstancias en posiciones indefinidas, lo que facilita a atacantes remotos ejecutar ataques de secuencias de comandos en sitios cruzados (XSS) a través de un texto de 8 bit modificado. • http://www.mozilla.org/security/announce/2010/mfsa2010-44.html https://bugzilla.mozilla.org/show_bug.cgi?id=564679 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11863 https://access.redhat.com/security/cve/CVE-2010-1210 https://bugzilla.redhat.com/show_bug.cgi?id=615474 • CWE-20: Improper Input Validation •
CVSS: 5.1EPSS: 0%CPEs: 6EXPL: 0CVE-2010-1207 – Mozilla Same-origin bypass using canvas context
https://notcve.org/view.php?id=CVE-2010-1207
Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote attackers to obtain sensitive cross-origin information via vectors involving reference retention and node deletion. Mozilla Firefox en versiones anteriores a la v3.6.7 y Thunderbird en versiones anteriores a la v3.1.1 no implementan apropiadamente las restricciones de acceso a los elementos CANVAS, lo que permite a atacantes remotos obtener información confidencial fuera de origen a través de vectores de ataque relacionados con la retención de referencias y el borrado de nodos. • http://www.mozilla.org/security/announce/2010/mfsa2010-43.html https://bugzilla.mozilla.org/show_bug.cgi?id=571287 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11887 https://access.redhat.com/security/cve/CVE-2010-1207 https://bugzilla.redhat.com/show_bug.cgi?id=615472 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 70%CPEs: 31EXPL: 4CVE-2010-1205 – libpng 1.4.2 - Denial of Service
https://notcve.org/view.php?id=CVE-2010-1205
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. Desbordamiento de buffer en el fichero pngpread.c en libpng anteriores a 1.2.44 y 1.4.x anteriroes a 1.4.3, como se utiliza en aplicaciones progresivas, podría permitir a atacantes remotos ejecutar código arbitrario mediante una imagen PNG que desencadena una serie de datos adicionales. • https://www.exploit-db.com/exploits/14422 https://github.com/mk219533/CVE-2010-1205 http://blackberry.com/btsc/KB27244 http://code.google.com/p/chromium/issues/detail?id=45983 http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18 http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://lists.apple.com/archives/security-anno • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.0EPSS: 0%CPEs: 30EXPL: 1CVE-2010-1990
https://notcve.org/view.php?id=CVE-2010-1990
Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements. Mozilla Firefox v3.6.x, v3.5.x, v3.0.19, anteriores y SeaMonkey, ejecuta una aplicación mail en situaciones dónde un elemento IFRAME tiene un mailto: URL en su atributo SRC, lo que permite a atacantes remotos causar una denegación de servicio (lanzamiento de demasiadas aplicaciones) a través de un documento HTML con varios elementos IFRAME. • http://websecurity.com.ua/4206 http://www.securityfocus.com/archive/1/511327/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12386 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 2%CPEs: 238EXPL: 1CVE-2010-1585 – javascript: URLs in chrome documents (MFSA 2011-08)
https://notcve.org/view.php?id=CVE-2010-1585
The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element. El método nsIScriptableUnescapeHTML.parseFragment en el mecanismo de protección ParanoidFragmentSink en Mozilla Firefox en versiones anteriores a 3.5.17 y 3.6.x en versiones anteriores a 3.6.14, Thunderbird en versiones anteriores a 3.1.8 y SeaMonkey en versiones anteriores a 2.0.12 no desinfecta adecuadamente HTML en un documento chrome, lo que hace más fácil a atacantes remotos ejecutar JavaScript arbitrario con privilegios de chrome a través de un javascript: URI en entrada a una extensión, como se demuestra por una secuencia javascript:alert en el atributo (1) HREF de un elemento A o el atributo (2) ACTION de un elemento FORM. • http://downloads.avaya.com/css/P8/documents/100133195 http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment http://www.mandriva.com/security/advisories?name=MDVSA-2011:041 http://www.mandriva.com/security/advisories?name=MDVSA-2011:042 http://www.mozilla.org/security/announce/2011/mfsa2011-08.html http://www.security-assessment.com/files/whitepapers/Cross_Context_Scripting_with_Firefox.pdf http://www.securityfocus.com/archive/1/510883/100/0/threaded https://bug • CWE-20: Improper Input Validation •