[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97389

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2010-5074

Date: (C)2011-12-07   (M)2017-09-22
 
CVSS Score: 4.3Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 2.9Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: NONE
 Availability: NONE











The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets (CSS) token sequences, which makes it easier for remote attackers to obtain sensitive information about visited web pages via a timing attack.

Reference:
http://blog.mozilla.com/security/2010/03/31/plugging-the-css-history-leak/

CPE    148
cpe:/a:mozilla:seamonkey:1.1.19
cpe:/a:mozilla:seamonkey:1.1.18
cpe:/a:mozilla:seamonkey:1.1.17
cpe:/a:mozilla:seamonkey:1.1:beta
...
CWE    1
CWE-362

© 2013 SecPod Technologies