Lucene search
Ubuntu.comUB:CVE-2010-0171HistoryMar 25, 2010 - 12:00 a.m.
CVE-2010-0171
2010-03-2500:00:00
ubuntu.com
ubuntu.com
4
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
68.6%
Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before
3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote
attackers to perform cross-origin keystroke capture, and possibly conduct
cross-site scripting (XSS) attacks, by using the addEventListener and
setTimeout functions in conjunction with a wrapped object. NOTE: this
vulnerability exists because of an incomplete fix for CVE-2007-3736.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | firefox | < 3.6.3+nobinonly-0ubuntu2 | UNKNOWN |
| ubuntu | 8.04 | noarch | seamonkey | < 2.0.8+build1+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 9.04 | noarch | seamonkey | < 2.0.8+build1+nobinonly-0ubuntu0.9.04.1 | UNKNOWN |
| ubuntu | 9.10 | noarch | seamonkey | < 2.0.8+build1+nobinonly-0ubuntu0.9.10.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | seamonkey | < 2.0.8+build1+nobinonly-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | thunderbird | < 3.0.4+nobinonly-0ubuntu1 | UNKNOWN |
| ubuntu | 8.04 | noarch | xulrunner-1.9 | < 1.9.0.19+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.10 | noarch | xulrunner-1.9 | < 1.9.0.19+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
| ubuntu | 9.04 | noarch | xulrunner-1.9 | < 1.9.0.19+nobinonly-0ubuntu0.9.04.1 | UNKNOWN |
| ubuntu | 9.04 | noarch | xulrunner-1.9.1 | < 1.9.1.9+nobinonly-0ubuntu0.9.04.1 | UNKNOWN |
Related
prion
prion
Cross site scripting
2010-03-25 21:00:00
Cross site scripting
2007-07-18 17:30:00
cve
cve
CVE-2010-0171
2010-03-25 21:00:00
CVE-2007-3736
2007-07-18 17:30:00
veracode
veracode
Cross-site Scripting (XSS)
2020-04-10 00:42:21
Cross-Site Scripting (XSS)
2020-04-10 00:17:16
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-12
2010-04-06 00:00:00
Mozilla Foundation Security Advisory 2007-19
2007-07-19 00:00:00
Mozilla Firefox, Thunderbird, Seamonkey multiple securityvulnerabilities
2007-07-19 00:00:00
mozilla
mozilla
XSS using addEventListener and setTimeout on a wrapped object — Mozilla
2010-03-23 00:00:00
XSS using addEventListener and setTimeout — Mozilla
2007-07-17 00:00:00
seebug
seebug
Mozilla Firefox addEventListener和setTimeout实现跨站脚本漏洞
2010-03-26 00:00:00
Mozilla Firefox 2.0.0.4多个远程安全漏洞
2007-07-19 00:00:00
ubuntucve
ubuntucve
CVE-2007-3736
2007-07-18 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : firefox (MDVSA-2010:042)
2010-02-22 00:00:00
Mozilla Thunderbird < 3.0.2 Multiple Vulnerabilities
2010-03-02 00:00:00
Oracle Linux 4 : thunderbird (ELSA-2007-0723)
2013-07-12 00:00:00
openvas
openvas
Mozilla Products Multiple Vulnerabilities Mar-10 (Linux)
2010-03-30 00:00:00
Mozilla Products Multiple Vulnerabilities Mar-10 (Windows)
2010-03-30 00:00:00
Mozilla Products Multiple Vulnerabilities (Mar 2010) - Linux
2010-03-30 00:00:00
redhat
redhat
(RHSA-2010:0113) Critical: seamonkey security update
2010-02-17 00:00:00
(RHSA-2007:0723) Moderate: thunderbird security update
2007-07-18 00:00:00
(RHSA-2007:0724) Critical: firefox security update
2007-07-18 00:00:00
centos
centos
seamonkey security update
2010-02-18 00:29:51
thunderbird security update
2007-07-19 19:16:54
seamonkey security update
2007-07-20 05:54:56
oraclelinux
oraclelinux
seamonkey security update
2010-02-17 00:00:00
Moderate: thunderbird security update
2007-07-19 00:00:00
Critical: seamonkey security update
2007-07-19 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: thunderbird-2.0.0.5-1.fc7
2007-07-20 19:32:33
[SECURITY] Fedora Core 6 Update: thunderbird-1.5.0.12-2.fc6
2007-07-20 16:21:25
[SECURITY] Fedora 7 Update: firefox-2.0.0.5-1.fc7
2007-07-18 20:56:30
osv
osv
debian
debian
[SECURITY] [DSA 1338-1] New iceweasel packages fix several vulnerabilities
2007-07-23 00:00:00
[SECURITY] [DSA 1339-1] New iceape packages fix several vulnerabilities
2007-07-24 00:00:00
[SECURITY] [DSA 1337-1] New xulrunner packages fix several vulnerabilities
2007-07-22 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2007-07-20 00:00:00
gentoo
gentoo
Mozilla products: Multiple vulnerabilities
2007-08-14 00:00:00
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2007-08-02 16:31:06
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
68.6%
Related for UB:CVE-2010-0171