[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-3166Date: (C)2010-09-09   (M)2024-03-27


Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECUNIA-42867
BID-43102
ADV-2010-2323
ADV-2011-0061
FEDORA-2010-14362
MDVSA-2010:173
SUSE-SA:2010:049
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
http://support.avaya.com/css/P8/documents/100112690
http://www.mozilla.org/security/announce/2010/mfsa2010-53.html
https://bugzilla.mozilla.org/show_bug.cgi?id=579655
oval:org.mitre.oval:def:12186

CPE    211
cpe:/a:mozilla:firefox:1.5:beta2
cpe:/a:mozilla:firefox:1.5:beta1
cpe:/a:mozilla:thunderbird:1.0
cpe:/a:mozilla:thunderbird:1.5
...
CWE    1
CWE-119
OVAL    17
oval:org.secpod.oval:def:200057
oval:org.secpod.oval:def:700075
oval:org.secpod.oval:def:101001
oval:org.secpod.oval:def:100859
...

© SecPod Technologies