Lucene search
UbuntuUSN-1011-1HistoryOct 28, 2010 - 12:00 a.m.
Firefox vulnerability
2010-10-2800:00:00
ubuntu.com
52
10 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.971 High
EPSS
Percentile
99.8%
Releases
- Ubuntu 10.10
- Ubuntu 10.04
- Ubuntu 9.10
- Ubuntu 8.04
Packages
- firefox - safe and easy web browser from Mozilla
- firefox-3.0 - safe and easy web browser from Mozilla
- firefox-3.5 - safe and easy web browser from Mozilla
Details
Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a
user were tricked into navigating to a malicious site, an attacker could
cause a denial of service or possibly execute arbitrary code as the user
invoking the program.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.10 | noarch | firefox-3.5 | <Β 3.6.12+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | abrowser-branding | <Β 3.6.12+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | firefox | <Β 3.6.12+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | firefox-branding | <Β 3.6.12+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | firefox-dbg | <Β 3.6.12+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | firefox-dev | <Β 3.6.12+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | firefox-gnome-support | <Β 3.6.12+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | firefox-gnome-support-dbg | <Β 3.6.12+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | firefox-3.0 | <Β 3.6.12+build1+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | abrowser-branding | <Β 3.6.12+build1+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
References
Related
checkpoint_advisories
checkpoint_advisories
openvas
openvas
FreeBSD Ports: firefox
2010-11-17 00:00:00
RedHat Update for thunderbird RHSA-2010:0812-01
2010-11-04 00:00:00
Mozilla Firefox Unspecified Vulnerability Oct-10 (Windows)
2010-11-02 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: mozvoikko-1.0-16.fc13
2010-10-28 22:15:22
[SECURITY] Fedora 13 Update: xulrunner-1.9.2.12-1.fc13
2010-10-28 22:15:22
[SECURITY] Fedora 13 Update: gnome-web-photo-0.9-14.fc13
2010-10-28 22:15:22
redhat
redhat
(RHSA-2010:0808) Critical: firefox security update
2010-10-27 00:00:00
(RHSA-2010:0810) Critical: seamonkey security update
2010-10-27 00:00:00
(RHSA-2010:0809) Critical: xulrunner security update
2010-10-27 00:00:00
nessus
nessus
openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3429)
2010-11-03 00:00:00
RHEL 4 : firefox (RHSA-2010:0808)
2010-10-28 00:00:00
freebsd
freebsd
mozilla -- Heap buffer overflow mixing document.write and DOM insertion
2010-10-27 00:00:00
saint
saint
Mozilla Firefox document.write and DOM insertion memory corruption
2010-11-04 00:00:00
Mozilla Firefox document.write and DOM insertion memory corruption
2010-11-04 00:00:00
Mozilla Firefox document.write and DOM insertion memory corruption
2010-11-04 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:47:44
seebug
seebug
Mozilla Firefox document.write()ζΉεΌε ζΊ’εΊζΌζ΄
2010-11-01 00:00:00
Firefox Memory Corruption Proof of Concept (Simplified)
2010-10-29 00:00:00
packetstorm
packetstorm
Firefox Memory Corruption
2010-10-29 00:00:00
Mozilla Firefox Interleaving document.write / appendChild Code Execution
2011-02-19 00:00:00
Firefox Interleaving Denial Of Service
2010-10-28 00:00:00
centos
centos
seamonkey security update
2010-10-28 22:32:32
thunderbird security update
2010-11-01 21:24:26
xulrunner security update
2010-10-28 22:41:34
mozilla
mozilla
Heap buffer overflow mixing document.write and DOM insertion β Mozilla
2010-10-27 00:00:00
ubuntu
ubuntu
Thunderbird vulnerability
2010-10-28 00:00:00
Xulrunner vulnerability
2010-10-29 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2010-10-29 00:00:00
firefox security update
2010-10-28 00:00:00
seamonkey security update
2010-10-28 00:00:00
canvas
canvas
Immunity Canvas: FIREFOX_APPENDCHILD
2010-10-28 00:00:00
exploitpack
exploitpack
Mozilla Firefox - Simplified Memory Corruption (PoC)
2010-10-28 00:00:00
prion
prion
Memory corruption
2010-10-28 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-73
2010-11-01 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey buffer overflow
2010-11-01 00:00:00
cve
cve
CVE-2010-3765
2010-10-28 00:00:00
ubuntucve
ubuntucve
CVE-2010-3765
2010-10-27 00:00:00
exploitdb
exploitdb
Mozilla Firefox - Simplified Memory Corruption (PoC)
2010-10-28 00:00:00
debian
debian
[SECURITY] [DSA 2124-1] New Xulrunner packages fix several vulnerabilities
2010-11-01 20:38:35
osv
osv
xulrunner - several vulnerabilities
2010-11-01 00:00:00
suse
suse
remote code execution in MozillaFirefox,seamonkey,MozillaThunderbird
2010-11-08 11:27:17
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
10 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.971 High
EPSS
Percentile
99.8%
Related for USN-1011-1