Lucene search
MitreCVELIST:CVE-2010-0166HistoryMar 25, 2010 - 8:31 p.m.
CVE-2010-0166
2010-03-2520:31:00
mitre
www.cve.org
The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via an HTML document containing invisible Unicode characters, as demonstrated by the U+FEFF, U+FFF9, U+FFFA, and U+FFFB characters.
Related
prion
prion
Memory corruption
2010-03-25 21:00:00
cve
cve
CVE-2010-0166
2010-03-25 21:00:00
nvd
nvd
CVE-2010-0166
2010-03-25 21:00:00
mozilla
mozilla
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-11
2010-04-06 00:00:00
nessus
nessus
Mozilla Firefox < 3.6.2 Multiple Vulnerabilities.
2010-03-23 00:00:00
GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
2013-01-08 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201301-01
2015-09-29 00:00:00