Lucene search

K

[email protected]NVD:CVE-2010-3777

HistoryDec 10, 2010 - 7:00 p.m.

CVE-2010-3777

2010-12-1019:00:02

CWE-119

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.407 Medium

EPSS

Percentile

97.3%

Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Affected configurations

NVD

Node

mozillafirefoxMatch3.6

OR

mozillafirefoxMatch3.6.1

OR

mozillafirefoxMatch3.6.2

OR

mozillafirefoxMatch3.6.3

OR

mozillafirefoxMatch3.6.4

OR

mozillafirefoxMatch3.6.6

OR

mozillafirefoxMatch3.6.7

OR

mozillafirefoxMatch3.6.8

OR

mozillafirefoxMatch3.6.9

OR

mozillafirefoxMatch3.6.10

OR

mozillafirefoxMatch3.6.11

OR

mozillafirefoxMatch3.6.12

Node

mozillathunderbirdMatch3.1

OR

mozillathunderbirdMatch3.1.1

OR

mozillathunderbirdMatch3.1.2

OR

mozillathunderbirdMatch3.1.3

OR

mozillathunderbirdMatch3.1.4

OR

mozillathunderbirdMatch3.1.5

OR

mozillathunderbirdMatch3.1.6

References

lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html

lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html

lists.fedoraproject.org/pipermail/package-announce/2010-December/052110.html

lists.fedoraproject.org/pipermail/package-announce/2010-December/052220.html

lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html

lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html

secunia.com/advisories/42716

secunia.com/advisories/42818

support.avaya.com/css/P8/documents/100124650

www.mandriva.com/security/advisories?name=MDVSA-2010:251

www.mandriva.com/security/advisories?name=MDVSA-2010:258

www.mozilla.org/security/announce/2010/mfsa2010-74.html

www.redhat.com/support/errata/RHSA-2010-0966.html

www.redhat.com/support/errata/RHSA-2010-0969.html

www.securityfocus.com/bid/45348

www.securitytracker.com/id?1024846

www.securitytracker.com/id?1024848

www.ubuntu.com/usn/USN-1019-1

www.ubuntu.com/usn/USN-1020-1

www.vupen.com/english/advisories/2011/0030

bugzilla.mozilla.org/show_bug.cgi?id=599607

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12468

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.407 Medium

EPSS

Percentile

97.3%

Related for NVD:CVE-2010-3777

openvas60 ubuntucve1 prion1 cvelist1 cve1 veracode1 oraclelinux2 nessus41 fedora16 mozilla1 securityvulns2 redhat2 ubuntu2 suse3 centos1 freebsd1 gentoo1