Published: 05/04/2010 Updated: 30/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Mozilla Firefox prior to 3.5.9 and 3.6.x prior to 3.6.2, and SeaMonkey prior to 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote malicious users to cause a denial of service (excessive application launches) via an HTML document with many images.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 3.6
mozilla firefox
mozilla firefox 3.0.17
mozilla firefox 3.0.10
mozilla firefox 3.0.9
mozilla firefox 3.0.2
mozilla firefox 3.0.1
mozilla firefox 3.5.5
mozilla firefox 3.5.6
mozilla firefox 3.0.12
mozilla firefox 3.0.11
mozilla firefox 3.0.4
mozilla firefox 3.0.3
mozilla firefox 2.0.0.16
mozilla firefox 2.0.0.15
mozilla firefox 2.0.0.8
mozilla firefox 2.0.0.7
mozilla firefox 2.0
mozilla firefox 1.5
mozilla firefox 1.5.0.10
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.7
mozilla firefox 1.0.7
mozilla firefox 1.0.6
mozilla firefox 0.9.3
mozilla firefox 0.9.2
mozilla firefox 0.6.1
mozilla firefox 0.6
mozilla firefox 0.1
mozilla firefox 3.5.2
mozilla firefox 3.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.14
mozilla firefox 3.0.13
mozilla firefox 3.0.6
mozilla firefox 3.0.5
mozilla firefox 2.0.0.19
mozilla firefox 2.0.0.18
mozilla firefox 2.0.0.17
mozilla firefox 2.0.0.10
mozilla firefox 2.0.0.9
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla firefox 1.5.0.12
mozilla firefox 1.5.0.1
mozilla firefox 1.5.0.8
mozilla firefox 1.5.0.9
mozilla firefox 1.5.5
mozilla firefox 1.0.8
mozilla firefox 1.0
mozilla firefox 0.7.1
mozilla firefox 0.7
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 3.5
mozilla firefox 3.5.1
mozilla firefox 3.0.16
mozilla firefox 3.0.15
mozilla firefox 3.0.8
mozilla firefox 3.0.7
mozilla firefox 3.0
mozilla firefox 2.0.0.20
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.3
mozilla firefox 1.5.0.2
mozilla firefox 1.5.0.3
mozilla firefox 1.5.0.11
mozilla firefox 1.5.1
mozilla firefox 1.5.2
mozilla firefox 1.5.7
mozilla firefox 1.5.6
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla firefox 0.9
mozilla firefox 0.8
mozilla firefox 0.3
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.5
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.5
mozilla firefox 1.5.3
mozilla firefox 1.5.4
mozilla firefox 1.5.8
mozilla firefox 1.0.5
mozilla firefox 1.0.4
mozilla firefox 1.0.3
mozilla firefox 0.9.1
mozilla firefox 0.5
mozilla firefox 0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0
mozilla seamonkey 1.1.9
mozilla seamonkey 1.1.2
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.18
mozilla seamonkey 1.1.11
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.7
mozilla seamonkey 1.0.6
mozilla seamonkey 1.1
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla seamonkey 1.1.12
mozilla seamonkey 1.0.9
mozilla seamonkey 1.0.8
mozilla seamonkey 1.0.1
mozilla seamonkey 1.0
mozilla seamonkey 2.0.4
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.14
mozilla seamonkey 1.0.3
mozilla seamonkey 1.0.2
mozilla seamonkey
mozilla seamonkey 2.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.7
mozilla seamonkey 1.1.17
mozilla seamonkey 1.1.16
mozilla seamonkey 1.1.1
mozilla seamonkey 1.0.5
mozilla seamonkey 1.0.4

Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program (CVE-2010-0173, CVE-2010-0174) ...

Mozilla Foundation Security Advisory 2010-23 Image src redirect to mailto: URL opens email editor Announced March 30, 2010 Reporter Henry Sudhof Impact Low Products Firefox, SeaMonkey Fixed in ...

CWE-20 http://www.vupen.com/english/advisories/2010/0748 http://secunia.com/advisories/39136 https://bugzilla.mozilla.org/show_bug.cgi?id=452093 http://www.mozilla.org/security/announce/2010/mfsa2010-23.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:070 http://ubuntu.com/usn/usn-921-1 http://secunia.com/advisories/39397 http://www.vupen.com/english/advisories/2010/0849 http://websecurity.com.ua/4206/http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html https://exchange.xforce.ibmcloud.com/vulnerabilities/57395 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6776 http://www.securityfocus.com/archive/1/511327/100/0/threaded https://usn.ubuntu.com/921-1/https://nvd.nist.gov

Get Started

CVE-2010-0181

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect