CVSS: 5.1EPSS: 1%CPEs: 203EXPL: 0CVE-2010-0179 – Firefox Arbitrary code execution with Firebug XMLHttpRequestSpy
https://notcve.org/view.php?id=CVE-2010-0179
Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. Mozilla Firefox anteriores a v3.0.19 y v3.5.x anteriores a v3.5.8, y SeaMonkey anteriores a v2.0.3, cuando se utiliza el modulo XMLHttpRequestSpy en el complemento Firebug, no gestiona adecuadamente la interacción entre el objeto XMLHttpRequestSpy y los objetos con privilegios chrome, lo que permite a atacantes remotos ejecutar JavaScript de forma arbitraria a través de peticiones HTTP manipuladas. • http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html http://secunia.com/advisories/3924 http://secunia.com/advisories/39243 http://secunia.com/advisories/39308 http://secunia.com/advisories/39397 http://secunia.com/advisories/42818 http://securitytracker.com/id?1023783 http://support.avaya.com/css/P8/documents/100124650 http://ubuntu.com/usn/usn-921-1 http://www.debian.org/security& • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 25%CPEs: 206EXPL: 0CVE-2010-0174 – Mozilla crashes with evidence of memory corruption
https://notcve.org/view.php?id=CVE-2010-0174
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador de Mozilla Firefox antes de v3.0.19, también en v3.5.x antes de v3.5.9 y 3.6.x antes de v3.6.2; en Thunderbird antes de v3.0.4, y SeaMonkey antes de 2.0.4 permiten a atacantes remotos provocar una denegación de servicio (mediante corrupción de memoria y caída de aplicación) y posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038367.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038378.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038406.html http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/38566 http://secunia.com/advisories/39117 http://secunia.com/advisories/39136 http://secunia.com/advisories/39204 http://secunia.com/advisories/39240 http:&# •
CVSS: 4.3EPSS: 0%CPEs: 206EXPL: 0CVE-2010-0182 – mozilla: XMLDocument:: load() doesn't check nsIContentPolicy (MFSA 2010-24)
https://notcve.org/view.php?id=CVE-2010-0182
The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content. La función XMLDocument::load en Mozilla Firefox anteriores a v3.5.9 y v3.6.x anteriores a v3.6.2, Thunderbird anteriores a v3.0.4, y SeaMonkey anteriores a v2.0.4 no realiza las comprobaciones de los controles de nsIContentPolicy durante la carga de contenidos de documentos XML, lo que permite a atacantes evitar las restricciones de acceso a través de contenido manipulado. • http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/39397 http://support.avaya.com/css/P8/documents/100091069 http://ubuntu.com/usn/usn-921-1 http://www.mandriva.com/security/advisories?name=MDVSA-2010:070 http://www.mozilla.org/security/announce/2010/mfsa2010-24.html http://www.redhat.com/support/errata/RHSA-2010-0500.html http://www.redhat.com/support/errata/RHSA-2010-0501.html http://www.securityfocus.com/bid/39479 ht • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 88%CPEs: 206EXPL: 0CVE-2010-0176 – Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0176
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability." Mozilla Firefox v3.0.19, v3.5.x antes de v3.5.9, y v3.6.x antes de v3.6.2; Thunderbird antes de v3.0.4, y SeaMonkey antes de v2.0.4 no gestionan adecuadamente la cuenta de referencias a elementos de opción en un árbol XUL optgroup , lo que podría permitir a atacantes remotos ejecutar código arbitrario a través de vectores no especificados que desencadenan el acceso a los elementos eliminados, relacionados con una vulnerabilidad de puntero colgado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required in that the victim must visit a malicious website or be coerced into opening a malicious document. The specific flaw exists within the way that Mozilla's Firefox parses .XUL files. While appending a particular tag to a treechildren container, the application will create more than one reference to a particular element without increasing its reference count. • http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038367.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038378.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038406.html http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/38566 http://secunia.com/advisories/39117 http://secunia.com/advisories/39136 http://secunia.com/advisories/39204 http://secunia.com/advisories/39240 http:&# • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 10%CPEs: 205EXPL: 0CVE-2010-0175 – Mozilla Firefox nsTreeSelection EventListener Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0175
Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items. Vulnerabilidad de uso después de la liberación (Use after free)en la implementación nsTreeSelection en Mozilla Firefox anteriores a v3.0.19 y v3.5.x anteriores a v3.5.9, Thunderbird anteriores a v3.0.4, y SeaMonkey anteriores a v2.0.4, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de la aplicación) a través de vectores no específicos que pueden provocar una llamada a ciertos gestores de de eventos. This vulnerability allows remote attackers to execute arbitrary code on software utilizing a vulnerable version of Mozilla's Firefox. User interaction is required in that the victim must visit a malicious website or be coerced into opening a malicious document. The specific flaw exists within how the application handles particular events for an nsTreeSelection element. Upon execution of a "select" event the application will access an element without checking to see if it's been previously freed or not. • http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038367.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038378.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038406.html http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/38566 http://secunia.com/advisories/39117 http://secunia.com/advisories/39136 http://secunia.com/advisories/39204 http://secunia.com/advisories/39240 http:&# • CWE-399: Resource Management Errors CWE-416: Use After Free •