Lucene search

[email protected]CVE-2010-5074

HistoryDec 07, 2011 - 7:55 p.m.

CVE-2010-5074

2011-12-0719:55:01

CWE-362

[email protected]

web.nvd.nist.gov

cve-2010-5074

mozilla firefox

thunderbird

seamonkey

css

remote attackers

information security

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

8.9 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.0%

JSON

The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets (CSS) token sequences, which makes it easier for remote attackers to obtain sensitive information about visited web pages via a timing attack.

Affected configurations

NVD

Node

mozillafirefoxRange≤3.6.24

mozillafirefoxMatch3.0

mozillafirefoxMatch3.0.1

mozillafirefoxMatch3.0.2

mozillafirefoxMatch3.0.3

mozillafirefoxMatch3.0.4

mozillafirefoxMatch3.0.5

mozillafirefoxMatch3.0.6

mozillafirefoxMatch3.0.7

mozillafirefoxMatch3.0.8

mozillafirefoxMatch3.0.9

mozillafirefoxMatch3.0.10

mozillafirefoxMatch3.0.11

mozillafirefoxMatch3.0.12

mozillafirefoxMatch3.0.13

mozillafirefoxMatch3.0.14

mozillafirefoxMatch3.0.15

mozillafirefoxMatch3.0.16

mozillafirefoxMatch3.0.17

mozillafirefoxMatch3.5

mozillafirefoxMatch3.5.1

mozillafirefoxMatch3.5.2

mozillafirefoxMatch3.5.3

mozillafirefoxMatch3.5.4

mozillafirefoxMatch3.5.5

mozillafirefoxMatch3.5.6

mozillafirefoxMatch3.5.7

mozillafirefoxMatch3.5.8

mozillafirefoxMatch3.5.9

mozillafirefoxMatch3.5.10

mozillafirefoxMatch3.5.11

mozillafirefoxMatch3.5.12

mozillafirefoxMatch3.5.13

mozillafirefoxMatch3.5.14

mozillafirefoxMatch3.5.15

mozillafirefoxMatch3.6

mozillafirefoxMatch3.6.1

mozillafirefoxMatch3.6.2

mozillafirefoxMatch3.6.3

mozillafirefoxMatch3.6.4

mozillafirefoxMatch3.6.6

mozillafirefoxMatch3.6.7

mozillafirefoxMatch3.6.8

mozillafirefoxMatch3.6.9

mozillafirefoxMatch3.6.10

mozillafirefoxMatch3.6.11

mozillafirefoxMatch3.6.12

mozillafirefoxMatch3.6.13

mozillafirefoxMatch3.6.14

mozillafirefoxMatch3.6.15

mozillafirefoxMatch3.6.16

mozillafirefoxMatch3.6.17

mozillafirefoxMatch3.6.18

mozillafirefoxMatch3.6.19

mozillafirefoxMatch3.6.20

mozillafirefoxMatch3.6.21

mozillafirefoxMatch3.6.22

mozillafirefoxMatch3.6.23

Node

mozillathunderbirdRange≤3.1.16

mozillathunderbirdMatch3.0

mozillathunderbirdMatch3.0.1

mozillathunderbirdMatch3.0.2

mozillathunderbirdMatch3.0.3

mozillathunderbirdMatch3.0.4

mozillathunderbirdMatch3.0.5

mozillathunderbirdMatch3.0.6

mozillathunderbirdMatch3.0.7

mozillathunderbirdMatch3.0.8

mozillathunderbirdMatch3.0.9

mozillathunderbirdMatch3.0.10

mozillathunderbirdMatch3.0.11

mozillathunderbirdMatch3.1

mozillathunderbirdMatch3.1.1

mozillathunderbirdMatch3.1.2

mozillathunderbirdMatch3.1.3

mozillathunderbirdMatch3.1.4

mozillathunderbirdMatch3.1.5

mozillathunderbirdMatch3.1.6

mozillathunderbirdMatch3.1.7

mozillathunderbirdMatch3.1.8

mozillathunderbirdMatch3.1.9

mozillathunderbirdMatch3.1.10

mozillathunderbirdMatch3.1.11

mozillathunderbirdMatch3.1.12

mozillathunderbirdMatch3.1.13

mozillathunderbirdMatch3.1.14

mozillathunderbirdMatch3.1.15

Node

mozillaseamonkeyRange≤2.1alpha3

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0alpha

mozillaseamonkeyMatch1.0beta

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.4

mozillaseamonkeyMatch1.0.5

mozillaseamonkeyMatch1.0.6

mozillaseamonkeyMatch1.0.7

mozillaseamonkeyMatch1.0.8

mozillaseamonkeyMatch1.0.9

mozillaseamonkeyMatch1.1

mozillaseamonkeyMatch1.1alpha

mozillaseamonkeyMatch1.1beta

mozillaseamonkeyMatch1.1.1

mozillaseamonkeyMatch1.1.2

mozillaseamonkeyMatch1.1.3

mozillaseamonkeyMatch1.1.4

mozillaseamonkeyMatch1.1.5

mozillaseamonkeyMatch1.1.6

mozillaseamonkeyMatch1.1.7

mozillaseamonkeyMatch1.1.8

mozillaseamonkeyMatch1.1.9

mozillaseamonkeyMatch1.1.10

mozillaseamonkeyMatch1.1.11

mozillaseamonkeyMatch1.1.12

mozillaseamonkeyMatch1.1.13

mozillaseamonkeyMatch1.1.14

mozillaseamonkeyMatch1.1.15

mozillaseamonkeyMatch1.1.16

mozillaseamonkeyMatch1.1.17

mozillaseamonkeyMatch1.1.18

mozillaseamonkeyMatch1.1.19

mozillaseamonkeyMatch1.5.0.8

mozillaseamonkeyMatch1.5.0.9

mozillaseamonkeyMatch1.5.0.10

mozillaseamonkeyMatch2.0

mozillaseamonkeyMatch2.0alpha_1

mozillaseamonkeyMatch2.0alpha_2

mozillaseamonkeyMatch2.0alpha_3

mozillaseamonkeyMatch2.0beta_1

mozillaseamonkeyMatch2.0beta_2

mozillaseamonkeyMatch2.0rc1

mozillaseamonkeyMatch2.0rc2

mozillaseamonkeyMatch2.0.1

mozillaseamonkeyMatch2.0.2

mozillaseamonkeyMatch2.0.3

mozillaseamonkeyMatch2.0.4

mozillaseamonkeyMatch2.0.5

mozillaseamonkeyMatch2.0.6

mozillaseamonkeyMatch2.0.7

mozillaseamonkeyMatch2.0.8

mozillaseamonkeyMatch2.0.9

mozillaseamonkeyMatch2.0.10

mozillaseamonkeyMatch2.0.11

mozillaseamonkeyMatch2.0.12

mozillaseamonkeyMatch2.0.13

mozillaseamonkeyMatch2.0.14

mozillaseamonkeyMatch2.0a1pre

mozillaseamonkeyMatch2.1alpha1

mozillaseamonkeyMatch2.1alpha2

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxle3.6.24
mozilla:firefoxmozilla firefoxeq3.0
mozilla:firefoxmozilla firefoxeq3.0.1
mozilla:firefoxmozilla firefoxeq3.0.2
mozilla:firefoxmozilla firefoxeq3.0.3
mozilla:firefoxmozilla firefoxeq3.0.4
mozilla:firefoxmozilla firefoxeq3.0.5
mozilla:firefoxmozilla firefoxeq3.0.6
mozilla:firefoxmozilla firefoxeq3.0.7
mozilla:firefoxmozilla firefoxeq3.0.8

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	le	3.6.24
mozilla:firefox	mozilla firefox	eq	3.0
mozilla:firefox	mozilla firefox	eq	3.0.1
mozilla:firefox	mozilla firefox	eq	3.0.2
mozilla:firefox	mozilla firefox	eq	3.0.3
mozilla:firefox	mozilla firefox	eq	3.0.4
mozilla:firefox	mozilla firefox	eq	3.0.5
mozilla:firefox	mozilla firefox	eq	3.0.6
mozilla:firefox	mozilla firefox	eq	3.0.7
mozilla:firefox	mozilla firefox	eq	3.0.8