10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.901 High
EPSS
Percentile
98.8%
Mozilla Project reports:
MFSA 2010-24 XMLDocument::load() doesn’t check nsIContentPolicy
MFSA 2010-23 Image src redirect to mailto: URL opens email editor
MFSA 2010-22 Update NSS to support TLS renegotiation indication
MFSA 2010-21 Arbitrary code execution with Firebug XMLHttpRequestSpy
MFSA 2010-20 Chrome privilege escalation via forced URL drag and drop
MFSA 2010-19 Dangling pointer vulnerability in nsPluginArray
MFSA 2010-18 Dangling pointer vulnerability in nsTreeContentView
MFSA 2010-17 Remote code execution with use-after-free in nsTreeSelection
MFSA 2010-16 Crashes with evidence of memory corruption (rv:1.9.2.2/ 1.9.1.9/ 1.9.0.19)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | seamonkey | < 2.0.4 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | = 3.0 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 3.0.4 | UNKNOWN |
FreeBSD | any | noarch | firefox | < 3.5.9,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 3.0.19,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox-devel | < 3.5.9 | UNKNOWN |
FreeBSD | any | noarch | nss | < 3.12.5 | UNKNOWN |
FreeBSD | any | noarch | linux-f10-nss | < 3.12.5 | UNKNOWN |
www.mozilla.org/security/announce/2010/mfsa2010-16.html
www.mozilla.org/security/announce/2010/mfsa2010-17.html
www.mozilla.org/security/announce/2010/mfsa2010-18.html
www.mozilla.org/security/announce/2010/mfsa2010-19.html
www.mozilla.org/security/announce/2010/mfsa2010-20.html
www.mozilla.org/security/announce/2010/mfsa2010-21.html
www.mozilla.org/security/announce/2010/mfsa2010-22.html
www.mozilla.org/security/announce/2010/mfsa2010-23.html
www.mozilla.org/security/announce/2010/mfsa2010-24.html