Lucene search
Mozilla FoundationMFSA2010-68HistoryOct 19, 2010 - 12:00 a.m.
XSS in gopher parser when parsing hrefs — Mozilla
2010-10-1900:00:00
Mozilla Foundation
www.mozilla.org
35
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
66.1%
Google security researcher Robert Swiecki reported that functions used by the Gopher parser to convert text to HTML tags could be exploited to turn text into executable JavaScript. If an attacker could create a file or directory on a Gopher server with the encoded script as part of its name the script would then run in a victim’s browser within the context of the site.
Affected configurations
Node
mozillafirefoxRange<3.5.14
ORmozillafirefoxRange<3.6.11
ORmozillaseamonkeyRange<2.0.9
Related
openvas
openvas
Mozilla Products Multiple Cross-site Scripting Vulnerabilities - Windows
2010-10-28 00:00:00
Mozilla Products Multiple Cross-site Scripting Vulnerabilities (Windows)
2010-10-28 00:00:00
CentOS Update for seamonkey CESA-2010:0781 centos4 i386
2010-11-04 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-10 00:50:42
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-68
2010-10-23 00:00:00
ubuntucve
ubuntucve
CVE-2010-3177
2010-10-19 00:00:00
prion
prion
Cross site scripting
2010-10-21 19:00:00
cvelist
cvelist
CVE-2010-3177
2010-10-21 18:12:00
nvd
nvd
CVE-2010-3177
2010-10-21 19:00:03
cve
cve
CVE-2010-3177
2010-10-21 19:00:03
centos
centos
seamonkey security update
2010-10-25 12:12:58
firefox, nss, xulrunner security update
2010-10-20 14:29:05
nessus
nessus
Oracle Linux 3 / 4 : seamonkey (ELSA-2010-0781)
2013-07-12 00:00:00
CentOS 3 / 4 : seamonkey (CESA-2010:0781)
2010-11-24 00:00:00
RHEL 3 / 4 : seamonkey (RHSA-2010:0781)
2010-10-20 00:00:00
oraclelinux
oraclelinux
seamonkey security update
2010-10-20 00:00:00
firefox security update
2010-10-20 00:00:00
redhat
redhat
(RHSA-2010:0781) Critical: seamonkey security update
2010-10-19 00:00:00
(RHSA-2010:0861) Critical: firefox security update
2010-11-10 00:00:00
(RHSA-2010:0782) Critical: firefox security update
2010-10-19 00:00:00
debian
debian
BSA-010 Security Update for iceweasel
2010-11-02 19:04:50
BSA-010 Security Update for iceweasel
2010-11-02 15:55:32
[SECURITY] [DSA 2124-1] New Xulrunner packages fix several vulnerabilities
2010-11-01 20:38:35
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2010-10-20 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: xulrunner-1.9.2.11-1.fc13
2010-10-27 22:45:51
[SECURITY] Fedora 13 Update: firefox-3.6.11-1.fc13
2010-10-27 22:45:51
[SECURITY] Fedora 13 Update: gnome-python2-extras-2.25.3-23.fc13
2010-10-27 22:45:51
osv
osv
xulrunner - several vulnerabilities
2010-11-01 00:00:00
MozillaFirefox-50.1.0-1.1 on GA media
2024-06-15 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-10-19 00:00:00
suse
suse
remote code execution in MozillaFirefox,seamonkey,MozillaThunderbird
2010-11-08 11:27:17
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
66.1%
Related for MFSA2010-68