Lucene search
UbuntuUSN-1011-3HistoryOct 29, 2010 - 12:00 a.m.
Xulrunner vulnerability
2010-10-2900:00:00
ubuntu.com
57
10 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.971 High
EPSS
Percentile
99.8%
Releases
- Ubuntu 10.10
- Ubuntu 10.04
- Ubuntu 9.10
- Ubuntu 8.04
Packages
- xulrunner-1.9.1 - XUL + XPCOM application runner
- xulrunner-1.9.2 - XUL + XPCOM application runner
Details
USN-1011-1 fixed a vulnerability in Firefox. This update provides the
corresponding update for Xulrunner.
Original advisory details:
Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a
user were tricked into navigating to a malicious site, an attacker could
cause a denial of service or possibly execute arbitrary code as the user
invoking the program.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.10 | noarch | xulrunner-1.9.1 | < 1.9.1.15+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | xulrunner-1.9.1-dbg | < 1.9.1.15+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | xulrunner-1.9.1-dev | < 1.9.1.15+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | xulrunner-1.9.1-gnome-support | < 1.9.1.15+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | xulrunner-1.9.1-testsuite | < 1.9.1.15+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | xulrunner-1.9.1-testsuite-dev | < 1.9.1.15+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | xulrunner-1.9.2 | < 1.9.2.12+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | xulrunner-1.9.2-dbg | < 1.9.2.12+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | xulrunner-1.9.2-dev | < 1.9.2.12+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | xulrunner-1.9.2-gnome-support | < 1.9.2.12+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
References
Related
checkpoint_advisories
checkpoint_advisories
openvas
openvas
FreeBSD Ports: firefox
2010-11-17 00:00:00
RedHat Update for thunderbird RHSA-2010:0812-01
2010-11-04 00:00:00
Mozilla Firefox Unspecified Vulnerability Oct-10 (Windows)
2010-11-02 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: mozvoikko-1.0-16.fc13
2010-10-28 22:15:22
[SECURITY] Fedora 13 Update: perl-Gtk2-MozEmbed-0.08-6.fc13.19
2010-10-28 22:15:22
[SECURITY] Fedora 13 Update: gnome-python2-extras-2.25.3-24.fc13
2010-10-28 22:15:22
redhat
redhat
(RHSA-2010:0808) Critical: firefox security update
2010-10-27 00:00:00
(RHSA-2010:0810) Critical: seamonkey security update
2010-10-27 00:00:00
(RHSA-2010:0812) Moderate: thunderbird security update
2010-10-28 00:00:00
nessus
nessus
openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3429)
2010-11-03 00:00:00
RHEL 4 : firefox (RHSA-2010:0808)
2010-10-28 00:00:00
saint
saint
Mozilla Firefox document.write and DOM insertion memory corruption
2010-11-04 00:00:00
Mozilla Firefox document.write and DOM insertion memory corruption
2010-11-04 00:00:00
Mozilla Firefox document.write and DOM insertion memory corruption
2010-11-04 00:00:00
freebsd
freebsd
mozilla -- Heap buffer overflow mixing document.write and DOM insertion
2010-10-27 00:00:00
prion
prion
Memory corruption
2010-10-28 00:00:00
packetstorm
packetstorm
Firefox Interleaving Denial Of Service
2010-10-28 00:00:00
Firefox Memory Corruption
2010-10-29 00:00:00
Mozilla Firefox Interleaving document.write / appendChild Code Execution
2011-02-19 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-73
2010-11-01 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey buffer overflow
2010-11-01 00:00:00
centos
centos
firefox security update
2010-10-28 22:36:12
seamonkey security update
2010-10-28 22:32:32
thunderbird security update
2010-11-01 21:24:26
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:47:44
seebug
seebug
Mozilla Firefox document.write()方式堆溢出漏洞
2010-11-01 00:00:00
Firefox Memory Corruption Proof of Concept (Simplified)
2010-10-29 00:00:00
ubuntu
ubuntu
Thunderbird vulnerability
2010-10-28 00:00:00
Firefox vulnerability
2010-10-28 00:00:00
mozilla
mozilla
Heap buffer overflow mixing document.write and DOM insertion — Mozilla
2010-10-27 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2010-10-29 00:00:00
firefox security update
2010-10-28 00:00:00
seamonkey security update
2010-10-28 00:00:00
canvas
canvas
Immunity Canvas: FIREFOX_APPENDCHILD
2010-10-28 00:00:00
exploitpack
exploitpack
Mozilla Firefox - Simplified Memory Corruption (PoC)
2010-10-28 00:00:00
cve
cve
CVE-2010-3765
2010-10-28 00:00:00
ubuntucve
ubuntucve
CVE-2010-3765
2010-10-27 00:00:00
exploitdb
exploitdb
Mozilla Firefox - Simplified Memory Corruption (PoC)
2010-10-28 00:00:00
debian
debian
[SECURITY] [DSA 2124-1] New Xulrunner packages fix several vulnerabilities
2010-11-01 20:38:35
osv
osv
xulrunner - several vulnerabilities
2010-11-01 00:00:00
suse
suse
remote code execution in MozillaFirefox,seamonkey,MozillaThunderbird
2010-11-08 11:27:17
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
10 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.971 High
EPSS
Percentile
99.8%
Related for USN-1011-3