CVSS: 9.3EPSS: 11%CPEs: 154EXPL: 0CVE-2010-3766 – Mozilla Firefox nsDOMAttribute MutationObserver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3766
Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node. Vulnerabilidad de uso después de liberación en Mozilla Firefox en versiones anteriores a la 3.5.16 y 3.6.x en versiones anteriores a la 3.6.13 y SeaMonkey en versiones anteriores a la 2.0.11, permite a atacantes remotos ejecutar código de su elección mediante vectores que involucran un cambio a un nodo nsDOMAttribute. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's support of the NodeIterator API used for element traversal. Due to a particular element not implementing functionality required by the API, a use-after free vulnerability can be forced to occur. • http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html http://secunia.com/advisories/42716 http://secunia.com/advisories/42818 http://support.avaya.com/css/P8& • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 9.3EPSS: 42%CPEs: 154EXPL: 0CVE-2010-3767 – Mozilla Firefox NewIdArray Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3767
Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements. Desbordamiento de entero en la función NewArray en Mozilla Firefox en versiones anteriores a la 3.5.16 y 3.6.x en versiones anteriores a la 3.6.13 y SeaMonkey en versiones anteriores a la 2.0.11, permite a atacantes remotos ejecutar código de su elección mediante un array JavaScript con muchos elementos. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Firefox's management of the JSSLOT_ARRAY_COUNT annotation. This value represents the number of items filled within a given Array object. • http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html http://secunia.com/advisories/42716 http://secunia.com/advisories/42818 http://support.avaya.com/css/P8& • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 97%CPEs: 56EXPL: 7CVE-2010-3765 – Mozilla Firefox - Simplified Memory Corruption (PoC)
https://notcve.org/view.php?id=CVE-2010-3765
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. Firefox versiones 3.5.x hasta 3.5.14 y versiones 3.6.x hasta 3.6.11, Thunderbird versiones 3.1.6 anteriores a 3.1.6 y versiones 3.0.x anteriores a 3.0.10, y SeaMonkey versiones 2.x anteriores a 2.0.10, de Mozilla, cuando JavaScript está habilitado, permite a los atacantes remotos ejecutar código arbitrario por medio de vectores relacionados con nsCSSFrameConstructor::ContentAppended, el método appendChild, el seguimiento incorrecto de índices y la creación de varias tramas, lo que desencadena corrupción de memoria, como se explotó “in the wild” en octubre de 2010 por el malware Belmoo. • https://www.exploit-db.com/exploits/15342 https://www.exploit-db.com/exploits/15341 https://www.exploit-db.com/exploits/16509 https://www.exploit-db.com/exploits/15352 http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6 http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://isc.sans.edu/diary.html?storyid=9817 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html http:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 6%CPEs: 135EXPL: 0CVE-2010-3174
https://notcve.org/view.php?id=CVE-2010-3174
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Vulnerabilidad sin especificar en el motor del navegador Mozilla Firefox v3.5.x anterior a v3.5.14, Thunderbird anterior a v3.0.9 y SeaMonkey anterior a v2.0.9 permiten a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código de su elección a través de vectores desconocidos. • http://www.debian.org/security/2010/dsa-2124 http://www.mandriva.com/security/advisories?name=MDVSA-2010:210 http://www.mandriva.com/security/advisories?name=MDVSA-2010:211 http://www.mozilla.org/security/announce/2010/mfsa2010-64.html https://bugzilla.mozilla.org/show_bug.cgi?id=476547 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11517 •
CVSS: 6.9EPSS: 0%CPEs: 221EXPL: 0CVE-2010-3181
https://notcve.org/view.php?id=CVE-2010-3181
Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory. Vulnerabilidad de ruta de búsqueda no confiable en Mozilla Firefox anterior a v3.5.14 y v3.6.x anterior a v3.6.11, Thunderbird anterior a v3.0.9 y v3.1.x anterior a 3.1.5, y SeaMonkey anterior a v2.0.9 en Windows permite a usuarios locales conseguir privilegios a través de un DLL (caballo de Troya) en el directorio de trabajo actual. • http://www.mozilla.org/security/announce/2010/mfsa2010-71.html https://bugzilla.mozilla.org/show_bug.cgi?id=589190 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12116 •