Lucene search
Mozilla FoundationMFSA2010-58HistorySep 07, 2010 - 12:00 a.m.
Crash on Mac using fuzzed font in data: URL — Mozilla
2010-09-0700:00:00
Mozilla Foundation
www.mozilla.org
10
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.071 Low
EPSS
Percentile
94.0%
Security researcher Marc Schoenefeld reported that a specially crafted font could be applied to a document and cause a crash on Mac systems. The crash showed signs of memory corruption and presumably could be used by an attacker to execute arbitrary code on a victim’s computer.
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 3.5.12 | |
| firefox | lt | 3.6.9 | |
| seamonkey | lt | 2.0.7 | |
| thunderbird | lt | 3.0.7 | |
| thunderbird | lt | 3.1.3 |
Related
prion
prion
Memory corruption
2010-09-09 19:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-58
2010-09-10 00:00:00
Mozilla Firefox / Thunderbird / SeaMonkey multiple security vulnerabilities
2010-09-16 00:00:00
cve
cve
CVE-2010-2770
2010-09-09 19:00:00
nessus
nessus
Mozilla Thunderbird < 3.0.7 Multiple Vulnerabilities
2010-09-08 00:00:00
SeaMonkey < 2.0.7 Multiple Vulnerabilities
2010-09-08 00:00:00
CentOS 3 / 4 : seamonkey (CESA-2010:0680)
2010-09-12 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-09-07 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2010-10-10 00:00:00
FreeBSD Ports: firefox
2010-10-10 00:00:00
SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey SUSE-SA:2010:049
2010-10-19 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2010-10-12 16:13:47
remote code execution in MozillaFirefox,seamonkey,MozillaThunderbird
2010-11-08 11:27:17
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.071 Low
EPSS
Percentile
94.0%
Related for MFSA2010-58