Lucene search

K

MitreCVELIST:CVE-2010-2764

HistorySep 09, 2010 - 6:00 p.m.

CVE-2010-2764

2010-09-0918:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.3%

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.

References

blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox

lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html

lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html

secunia.com/advisories/42867

support.avaya.com/css/P8/documents/100112690

www.mandriva.com/security/advisories?name=MDVSA-2010:173

www.mozilla.org/security/announce/2010/mfsa2010-63.html

www.securityfocus.com/bid/43104

www.vupen.com/english/advisories/2010/2323

www.vupen.com/english/advisories/2011/0061

bugzilla.mozilla.org/show_bug.cgi?id=552090

exchange.xforce.ibmcloud.com/vulnerabilities/61662

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11684

8.4 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.3%

Related for CVELIST:CVE-2010-2764

mozilla1 veracode1 nvd1 cve1 ubuntucve1 prion1 securityvulns2 openvas41 nessus47 ubuntu4 fedora7 oraclelinux1 redhat1 debian2 centos1 freebsd1 suse3 gentoo1