CVE-2010-1198 – Mozilla Freed object reuse across plugin instances
https://notcve.org/view.php?id=CVE-2010-1198
Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances. Vulnerabilidad de uso después de la liberación (Use-after-free) en Mozilla Firefox v3.5.x anterior v3.5.10 y v3.6.x anterior v3.6.4, y SeaMonkey anterior v2.0.5, permite a atacantes remotos ejecutar código de su elección a través de vectores involucrados en múltiples instancias plugin. • http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 http://support.avaya.com/css/P8/documents/100091069 http://ubuntu.com/usn/usn-930-1 http://www.mandriva.com/security/advisories?name=MDVSA-2010:125 ht • CWE-399: Resource Management Errors •
CVE-2010-1196 – nsGenericDOMDataNode:: SetTextInternal
https://notcve.org/view.php?id=CVE-2010-1196
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow. Desbordamiento de enteros en la función GenericDOMDataNode::SetTextInternal en Mozilla Firefox v3.5.x anterior v3.5.10 y v3.6.x anterior v3.6.4, Thunderbird anterior v3.0.5, y SeaMonkey anterior v2.0.5 permite a atacantes remotos ejecutar código de su elección a través de un nodo DOM con un valor de texto largo que provoca un desbordamiento de búfer basado en la memoria dinámica • http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://secunia.com/advisories/40323 http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 http://support.avaya.com/css/P8/documents/100091069 http://ubuntu.com/usn/usn-930-1 http://www.mandriva.com/ • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVE-2010-1200 – Mozilla Crashes with evidence of memory corruption
https://notcve.org/view.php?id=CVE-2010-1200
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificados en el motor JavaScript en Mozilla Firefox v3.5.x anterior v3.5.10 y v3.6.x anterior v3.6.4, Thunderbird anterior v3.0.5, y SeaMonkey anterior v2.0.5 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de programa) o probablemente ejecutar código de su elección a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://secunia.com/advisories/40323 http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 http://support.avaya.com/css/P8/documents/100091069 http://ubuntu.com/usn/usn-930-1 http://www.mandriva.com/ •
CVE-2010-1197 – Content-Disposition: attachment ignored if Content-Type: multipart also present
https://notcve.org/view.php?id=CVE-2010-1197
Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document. Mozilla Firefox v3.5.x anterior v3.5.10 y v3.6.x anterior v3.6.4, y SeaMonkey anterior v2.0.5, no maneja adecuadamente situaciones en que "Content-Disposition: attachment" y "Content-Type: multipart" están presentes en las cabeceras HTTP, lo que permite a atacantse remotos conducir ataques de secuencias de comandos en sitios cruzados XSS a través de un documentos HTML cargado. • http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 http://support.avaya.com/css/P8/documents/100091069 http://ubuntu.com/usn/usn-930-1 http://www.mandriva.com/security/advisories?name=MDVSA-2010:125 ht • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2010-0183
https://notcve.org/view.php?id=CVE-2010-0183
Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame construction process for menus. Vulnerabilidad de uso después de la liberación (Use-after-free) en la función nsCycleCollector::MarkRoots en Mozilla Firefox v3.5.x anterior v3.5.10 y SeaMonkey anteior v2.0.5 permite a atacantes remotos ejecutar código de su elección a través de un documento HTML manipulado, relacionado con el proceso de construcción inadecuado de un frame para menús. • http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://secunia.com/advisories/40326 http://secunia.com/advisories/40481 http://www.mozilla.org/security/announce/2010/mfsa2010-27.html http://www.securityfocus.com/bid/41050 http://www.securitytracker.com/id?1024138 http://www.vupen.com/english/advisories/2010/ • CWE-399: Resource Management Errors •