Lucene search

K

PRIOn knowledge basePRION:CVE-2010-0177

HistoryApr 05, 2010 - 5:30 p.m.

Design/Logic Flaw

2010-04-0517:30:00

PRIOn knowledge base

www.prio-n.com

6

8.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.444 Medium

EPSS

Percentile

97.3%

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a “dangling pointer vulnerability.”

CPENameOperatorVersion
firefoxeq3.6
firefoxeq0.1
firefoxeq0.8
firefoxeq2.0.0.12
firefoxeq1.5 beta2
firefoxeq3.5.3
firefoxeq3.0.7
firefoxeq1.5.2
firefoxeq3.0.9
firefoxeq1.5.0.6

Rows per page:

1-10 of 1441

References

lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

secunia.com/advisories/38566

secunia.com/advisories/39117

secunia.com/advisories/39136

secunia.com/advisories/39240

secunia.com/advisories/39243

secunia.com/advisories/39308

secunia.com/advisories/39397

securitytracker.com/id?1023776

ubuntu.com/usn/usn-921-1

www.debian.org/security/2010/dsa-2027

www.mandriva.com/security/advisories?name=MDVSA-2010:070

www.mozilla.org/security/announce/2010/mfsa2010-19.html

www.redhat.com/support/errata/RHSA-2010-0332.html

www.redhat.com/support/errata/RHSA-2010-0333.html

www.securityfocus.com/archive/1/510540/100/0/threaded

www.vupen.com/english/advisories/2010/0748

www.vupen.com/english/advisories/2010/0764

www.vupen.com/english/advisories/2010/0765

www.vupen.com/english/advisories/2010/0781

www.vupen.com/english/advisories/2010/0849

www.zerodayinitiative.com/advisories/ZDI-10-049

bugzilla.mozilla.org/show_bug.cgi?id=538310

exchange.xforce.ibmcloud.com/vulnerabilities/57393

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10833

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7622

8.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.444 Medium

EPSS

Percentile

97.3%

Related for PRION:CVE-2010-0177

seebug1 zdi1 securityvulns5 cve1 ubuntucve1 mozilla1 veracode1 openvas94 oraclelinux3 redhat4 nessus46 centos4 osv1 debian3 ubuntu2 fedora28 freebsd1 suse1 gentoo1