CVE-2010-1214
Mozilla Firefox Plugin Parameter EnsureCachedAttrParamArrays Remote Code Execution Vulnerability
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.
Desbordamiento de entero en Mozilla Firefox v3.5.x anteriores a la v3.5.11 y v3.6.x anteriores a la v3.6.7, y SeaMonkey en versiones anteriores a la v2.0.6, permite a atacantes remotos ejecutar código de elección a través del "plugin content" con muchos elementos de parámetro.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the browser's method for parsing child elements out of a particular tag. The application will use a 32-bit index to enumerate them, but will store it in a 16-bit signed integer and then use it to allocate space for a cache. When populating the cache a buffer overflow will occur. This can lead to code execution under the context of the application.
*Credits:
J23 (http://twitter.com/HansJ23)
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-03-30 CVE Reserved
- 2010-07-20 CVE Published
- 2010-07-20 First Exploit
- 2024-08-01 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-189: Numeric Errors
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://bugzilla.mozilla.org/show_bug.cgi?id=572985 | X_refsource_confirm | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11685 | Signature |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/34358 | 2010-07-20 | |
| https://www.exploit-db.com/exploits/15027 | 2010-09-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.mozilla.org/security/announce/2010/mfsa2010-37.html | 2017-09-19 | |
| https://access.redhat.com/security/cve/CVE-2010-1214 | 2010-07-21 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=615462 | 2010-07-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.5.1 Search vendor "Mozilla" for product "Firefox" and version "3.5.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.5.2 Search vendor "Mozilla" for product "Firefox" and version "3.5.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.5.3 Search vendor "Mozilla" for product "Firefox" and version "3.5.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.5.4 Search vendor "Mozilla" for product "Firefox" and version "3.5.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.5.5 Search vendor "Mozilla" for product "Firefox" and version "3.5.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.5.6 Search vendor "Mozilla" for product "Firefox" and version "3.5.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.5.7 Search vendor "Mozilla" for product "Firefox" and version "3.5.7" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.5.9 Search vendor "Mozilla" for product "Firefox" and version "3.5.9" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.5.10 Search vendor "Mozilla" for product "Firefox" and version "3.5.10" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.6.1 Search vendor "Mozilla" for product "Firefox" and version "3.6.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.6.2 Search vendor "Mozilla" for product "Firefox" and version "3.6.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.6.3 Search vendor "Mozilla" for product "Firefox" and version "3.6.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.6.4 Search vendor "Mozilla" for product "Firefox" and version "3.6.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 3.6.6 Search vendor "Mozilla" for product "Firefox" and version "3.6.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | <= 2.0.5 Search vendor "Mozilla" for product "Seamonkey" and version " <= 2.0.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0 Search vendor "Mozilla" for product "Seamonkey" and version "1.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0 Search vendor "Mozilla" for product "Seamonkey" and version "1.0" | alpha |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0 Search vendor "Mozilla" for product "Seamonkey" and version "1.0" | beta |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.1 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.2 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.3 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.4 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.5 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.6 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.7 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.7" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.8 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.8" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.9 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.9" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1 Search vendor "Mozilla" for product "Seamonkey" and version "1.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1 Search vendor "Mozilla" for product "Seamonkey" and version "1.1" | alpha |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1 Search vendor "Mozilla" for product "Seamonkey" and version "1.1" | beta |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.1 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.2 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.3 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.4 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.5 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.6 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.7 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.7" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.8 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.8" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.9 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.9" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.10 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.10" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.11 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.11" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.12 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.12" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.13 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.13" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.14 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.14" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.15 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.15" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.16 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.16" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.17 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.17" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.18 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.18" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.1.19 Search vendor "Mozilla" for product "Seamonkey" and version "1.1.19" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.5.0.8 Search vendor "Mozilla" for product "Seamonkey" and version "1.5.0.8" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.5.0.9 Search vendor "Mozilla" for product "Seamonkey" and version "1.5.0.9" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.5.0.10 Search vendor "Mozilla" for product "Seamonkey" and version "1.5.0.10" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0 Search vendor "Mozilla" for product "Seamonkey" and version "2.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0 Search vendor "Mozilla" for product "Seamonkey" and version "2.0" | alpha_1 |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0 Search vendor "Mozilla" for product "Seamonkey" and version "2.0" | alpha_2 |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0 Search vendor "Mozilla" for product "Seamonkey" and version "2.0" | alpha_3 |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0 Search vendor "Mozilla" for product "Seamonkey" and version "2.0" | beta_1 |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0 Search vendor "Mozilla" for product "Seamonkey" and version "2.0" | beta_2 |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0 Search vendor "Mozilla" for product "Seamonkey" and version "2.0" | rc1 |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0 Search vendor "Mozilla" for product "Seamonkey" and version "2.0" | rc2 |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0.1 Search vendor "Mozilla" for product "Seamonkey" and version "2.0.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0.2 Search vendor "Mozilla" for product "Seamonkey" and version "2.0.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0.3 Search vendor "Mozilla" for product "Seamonkey" and version "2.0.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0.4 Search vendor "Mozilla" for product "Seamonkey" and version "2.0.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 2.0a1pre Search vendor "Mozilla" for product "Seamonkey" and version "2.0a1pre" | - |
Affected
| ||||||