Lucene search
Ubuntu.comUB:CVE-2010-2117HistoryJun 01, 2010 - 12:00 a.m.
CVE-2010-2117
2010-06-0100:00:00
ubuntu.com
ubuntu.com
11
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS
0.006
Percentile
78.3%
Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a
denial of service (resource consumption) via JavaScript code containing an
infinite loop that creates IFRAME elements for invalid (1) news:// or (2)
nntp:// URIs.
Notes
| Author | Note |
|---|---|
| jdstrand | CVEs in Firefox are tracked in the xulrunner source packages. The mapping of xulrunner sources to firefox is: xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS xulrunner-1.9: firefox-3.0 xulrunner-1.9.1: firefox-3.5 Ubuntu 6.06 LTS and 10.04 LTS uses the embedded xulrunner and not the system xulrunner-1.9.2, so it is tracked in the firefox source package. ignoring until upstream fixes this since a malicious website can achieve the same ‘exploit’ via other means |
Related
prion
prion
Code injection
2010-06-01 20:30:00
cve
cve
CVE-2010-2117
2010-06-01 20:30:02
cvelist
cvelist
CVE-2010-2117
2010-06-01 20:00:00
openvas
openvas
Mozilla Firefox 'IFRAME' Denial Of Service vulnerability (Windows)
2010-06-04 00:00:00
Mozilla Firefox 'IFRAME' DoS Vulnerability - Windows
2010-06-04 00:00:00
nvd
nvd
CVE-2010-2117
2010-06-01 20:30:02
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS
0.006
Percentile
78.3%
Related for UB:CVE-2010-2117