CVSS: 4.3EPSS: 0%CPEs: 202EXPL: 0CVE-2010-2763
https://notcve.org/view.php?id=CVE-2010-2763
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted function. La clase XPCSafeJSObjectWrapper en la implementación SafeJSObjectWrapper (también conocido como SJOW) en Mozilla Firefox anterior a v3.5.12, Thunderbird anterior a v3.0.7, y SeaMonkey anterior a v2.0.7 no restringe adecuadamente funciones de secuencias de comandos, permitiendo a atacantes remotos eludir la Same Origin Policy y llevar a cabo la ejecución de secuencias de comandos en sitios cruzados (XSS) mediante una función manipulada • http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html http://www.debian.org/security/2010/dsa-2106 http://www.mozilla.org/security/announce/2010/mfsa2010-60.html http://www.vupen.com/english/advisories/2010/2323 https://bugzilla.mozilla.org/show_bug.cgi?id=585284 https://exchange.xforce.ibmcloud.com/vulnerabilities/61665 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 31%CPEs: 212EXPL: 0CVE-2010-2765 – Mozilla Frameset integer overflow vulnerability (MFSA 2010-50)
https://notcve.org/view.php?id=CVE-2010-2765
Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow. Desbordamiento de entero en la implementación del elemento FRAMESET en Mozilla Firefox anterior a v3.5.12 y v3.6.x anterior a v3.6.9, Thunderbird anterior a v3.0.7 y v3.1.x anterior a v3.1.3, SeaMonkey anterior a v2.0.7 podría permitir a atacantes remotos ejecutar código arbitrario a través de un gran número de valores en los atributos cols (también conocidos como columnas), dando lugar a un desbordamiento de búfer basado en memoria dinámica • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html http://secunia.com/advisories/42867 http://support.avaya.com/css/P8/documents/100110210 http://support.avaya.com/css/P8/documents/100112690 http://www.debian.org/security/2010/dsa-2106 http://www.mandriva.com/security/advisories?name=MDVSA-2010:173 http:/&#x • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 23%CPEs: 212EXPL: 0CVE-2010-2767 – Mozilla Dangling pointer vulnerability using DOM plugin array (MFSA 2010-51)
https://notcve.org/view.php?id=CVE-2010-2767
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a "dangling pointer vulnerability." La aplicación navigator.plugins en Mozilla Firefox anterior a v3.5.12 y v3.6.x anterior a v3.6.9, Thunderbird anterior a v3.0.7 y v3.1.x anterior a v3.1.3, y SeaMonkey anterior a v2.0.7 no controla correctamente la destrucción del plugin matriz DOM, lo que podría permitir a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o ejecutar código arbitrario a través de un acceso manipulado al navegador de objetos, relacionados con una vulnerabilidad "de puntero colgado". • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html http://secunia.com/advisories/42867 http://support.avaya.com/css/P8/documents/100110210 http://support.avaya.com/css/P8/documents/100112690 http://www.debian.org/security/2010/dsa-2106 http://www.mandriva.com/security/advisories?name=MDVSA-2010:173 http:/&#x • CWE-399: Resource Management Errors •
CVSS: 5.1EPSS: 0%CPEs: 212EXPL: 0CVE-2010-2768 – Mozilla UTF-7 XSS by overriding document charset using <object> type attribute (MFSA 2010-61)
https://notcve.org/view.php?id=CVE-2010-2768
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms via UTF-7 encoding. Mozilla Firefox anterior a v3.5.12 y v3.6.x anterior a v3.6.9, Thunderbird anterior a v3.0.7 y v3.1.x anterior a v3.1.3, y SeaMonkey anterior a v2.0.7 no restringe adecuadamente el uso del atributo type de un elemento OBJECT para establecer un conjunto de caracteres del documento, lo que permite a atacantes remotos eludir mecanismos de protección de ejecución de secuencias de comandos (XSS) a través de codificación UTF-7. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html http://secunia.com/advisories/42867 http://support.avaya.com/css/P8/documents/100110210 http://support.avaya.com/css/P8/documents/100112690 http://www.debian.org/security/2010/dsa-2106 http://www.mandriva.com/security/advisories?name=MDVSA-2010:173 http:/&#x • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 42%CPEs: 212EXPL: 0CVE-2010-3167 – Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3167
The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability." La función nsTreeContentView en Mozilla Firefox v3.5.12 y v3.6.x anterior a v3.6.9, Thunderbird anterior a v3.0.7 y v3.1.x anterior a v3.1.3, y SeaMonkey anterior a v2.0.7 no maneja correctamente la eliminación de nodos en Árboles XUL, permitiendo a atacantes remotos ejecutar código arbitrario a través de vectores que implican el acceso a la memoria eliminada, relacionado con "vulnerabilidad de puntero colgado". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of a particular element within the XUL namespace. Due to a method for the element having the side effect of executing javascript, an attacker can provide their own javascript code which can be used to remove an object out from underneath the element's child hierarchy. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html http://secunia.com/advisories/42867 http://support.avaya.com/css/P8/documents/100110210 http://support.avaya.com/css/P8/documents/100112690 http://www.debian.org/security/2010/dsa-2106 http://www.mandriva.com/security/advisories?name=MDVSA-2010:173 http:/&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •