Lucene search
HistoryJul 30, 2010 - 8:30 p.m.
CVE-2010-1207
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
8.8
Confidence
High
EPSS
0.003
Percentile
65.6%
Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote attackers to obtain sensitive cross-origin information via vectors involving reference retention and node deletion.
Affected configurations
Node
mozillafirefoxRangeâ¤3.6.6
ORmozillafirefoxMatch3.6
ORmozillafirefoxMatch3.6.2
ORmozillafirefoxMatch3.6.3
ORmozillafirefoxMatch3.6.4
ORmozillathunderbirdRangeâ¤3.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | * | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
| mozilla | firefox | 3.6 | cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:* |
| mozilla | firefox | 3.6.2 | cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:* |
| mozilla | firefox | 3.6.3 | cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:* |
| mozilla | firefox | 3.6.4 | cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:* |
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2010-1207
2010-07-23 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:46:04
cve
cve
CVE-2010-1207
2010-07-30 20:30:01
seebug
seebug
Mozilla Firefox <canvas>ĺ
ç´ čˇ¨ĺ俥ćŻćłé˛ćźć´
2010-07-27 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-43
2010-07-24 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2010-07-24 00:00:00
cvelist
cvelist
CVE-2010-1207
2010-07-30 20:00:00
prion
prion
Arbitrary file deletion
2010-07-30 20:30:00
mozilla
mozilla
Same-origin bypass using canvas context â Mozilla
2010-07-20 00:00:00
openvas
openvas
Mozilla Products Multiple Vulnerabilities (MFSA2010-38, MFSA2010-43, MFSA2010-44) - Windows
2010-07-26 00:00:00
Mozilla Products Multiple Vulnerabilitie jul-10 (Windows)
2010-07-26 00:00:00
Fedora Update for sunbird FEDORA-2010-11379
2010-07-23 00:00:00
nessus
nessus
Mozilla Thunderbird 3.1.x < 3.1.1 Multiple Vulnerabilities
2010-07-21 00:00:00
Firefox 3.6 < 3.6.7 Multiple Vulnerabilities
2010-07-22 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: thunderbird-3.1.1-1.fc13
2010-07-23 02:48:57
[SECURITY] Fedora 13 Update: sunbird-1.0-0.26.b2pre.fc13
2010-07-23 02:48:57
[SECURITY] Fedora 13 Update: perl-Gtk2-MozEmbed-0.08-6.fc13.15
2010-07-23 02:37:40
oraclelinux
oraclelinux
firefox security update
2010-07-21 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-07-20 00:00:00
redhat
redhat
(RHSA-2010:0547) Critical: firefox security update
2010-07-20 00:00:00
centos
centos
firefox, xulrunner security update
2010-07-22 15:29:05
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2010-07-23 00:00:00
Firefox and Xulrunner vulnerability
2010-07-26 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2010-07-30 13:10:04
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
osv
osv
MozillaFirefox-50.1.0-1.1 on GA media
2024-06-15 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
8.8
Confidence
High
EPSS
0.003
Percentile
65.6%
Related for NVD:CVE-2010-1207