Published: 30/07/2010 Updated: 02/02/2024

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to execute arbitrary code via vectors related to deletion of an event attribute node with a nonzero reference count.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox
mozilla seamonkey

Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic Updated firefox packages that fix several security issues are now availablefor Red Hat Enterprise Linux 4 and 5The Red Hat Security Response Team has rated this update as having criticalsecurity impact Common Vulner ...

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0182 Wladimir Palant discovered that security checks in XML processing were insufficiently enforced CVE-2010-0654 Chris Evans discove ...

This update is for use with the new Xulrunner provided in USN-930-4 ...

Firefox could be made to run programs as your login if it opened a specially crafted file or website ...

Mozilla Foundation Security Advisory 2010-35 DOM attribute cloning remote code execution vulnerability Announced July 20, 2010 Reporter regenrecht (via TippingPoint's Zero Day Initiative) Impact Critical Products Firefox, Sea ...

CWE-416 https://bugzilla.mozilla.org/show_bug.cgi?id=572986 http://www.mozilla.org/security/announce/2010/mfsa2010-35.html http://www.securityfocus.com/bid/41849 http://www.zerodayinitiative.com/advisories/ZDI-10-134/http://www.securityfocus.com/archive/1/512515 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11740 https://access.redhat.com/errata/RHSA-2010:0547 https://nvd.nist.gov https://usn.ubuntu.com/930-5/https://www.debian.org/security/./dsa-2075

CVE-2010-1208

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect