Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2010-1210

Published: 30/07/2010 Updated: 19/09/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Firefox

Vulnerability Summary

intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox prior to 3.6.7 and Thunderbird prior to 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote malicious users to conduct cross-site scripting (XSS) attacks via crafted 8-bit text.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox 3.5.1

mozilla firefox 3.5.2

mozilla firefox 3.5.10

mozilla firefox 3.6.1

mozilla firefox 3.1

mozilla firefox 3.0

mozilla firefox 3.0.4

mozilla firefox 3.0.3

mozilla firefox 3.0.13

mozilla firefox 3.0.12

mozilla firefox 2.0.0.2

mozilla firefox 2.0.0.3

mozilla firefox 2.0.0.11

mozilla firefox 2.0.0.12

mozilla firefox 2.0.0.19

mozilla firefox 2.0.0.20

mozilla firefox 1.0.1

mozilla firefox 1.0.2

mozilla firefox 1.4.1

mozilla firefox 1.5

mozilla firefox 1.5.0.4

mozilla firefox 1.5.0.5

mozilla firefox 1.5.3

mozilla firefox 1.5.4

mozilla firefox 1.5.5

mozilla firefox 0.1

mozilla firefox 0.2

mozilla firefox 0.7.1

mozilla firefox 0.8

mozilla firefox 3.5.5

mozilla firefox 3.5.6

mozilla firefox 3.6.4

mozilla firefox 3.2

mozilla firefox 3.0.9

mozilla firefox 3.0.8

mozilla firefox 3.0.17

mozilla firefox 3.0.16

mozilla firefox 3.0.1

mozilla firefox 2.0.0.6

mozilla firefox 2.0.0.7

mozilla firefox 2.0.0.8

mozilla firefox 2.0.0.15

mozilla firefox 2.0.0.16

mozilla firefox 2.0

mozilla firefox 1.0.6

mozilla firefox 1.0.7

mozilla firefox 1.5.0.11

mozilla firefox 1.5.0.12

mozilla firefox 1.5.0.8

mozilla firefox 1.5.0.9

mozilla firefox 1.5.8

mozilla firefox 0.5

mozilla firefox 0.6

mozilla firefox 0.9.2

mozilla firefox 0.9.3

mozilla firefox 3.5.3

mozilla firefox 3.5.4

mozilla firefox 3.6.2

mozilla firefox 3.6.3

mozilla firefox 3.0.2

mozilla firefox 3.0.19

mozilla firefox 3.0.11

mozilla firefox 3.0.10

mozilla firefox 2.0.0.4

mozilla firefox 2.0.0.5

mozilla firefox 2.0.0.13

mozilla firefox 2.0.0.14

mozilla firefox 2.0.0.21

mozilla firefox 1.0.3

mozilla firefox 1.0.4

mozilla firefox 1.0.5

mozilla firefox 1.5.0.1

mozilla firefox 1.5.0.10

mozilla firefox 1.5.0.6

mozilla firefox 1.5.0.7

mozilla firefox 1.5.6

mozilla firefox 1.5.7

mozilla firefox 0.3

mozilla firefox 0.4

mozilla firefox 0.9

mozilla firefox 0.9.1

mozilla firefox 3.5.7

mozilla firefox 3.5.9

mozilla firefox 3.0.7

mozilla firefox 3.0.6

mozilla firefox 3.0.5

mozilla firefox 3.0.15

mozilla firefox 3.0.14

mozilla firefox 2.0.0.1

mozilla firefox 2.0.0.9

mozilla firefox 2.0.0.10

mozilla firefox 2.0.0.17

mozilla firefox 2.0.0.18

mozilla firefox 1.0

mozilla firefox 1.0.8

mozilla firefox 1.5.0.2

mozilla firefox 1.5.0.3

mozilla firefox 1.5.1

mozilla firefox 1.5.2

mozilla firefox 1.8

mozilla firefox 0.6.1

mozilla firefox 0.7

mozilla firefox 0.10

mozilla firefox 0.10.1

mozilla firefox

mozilla thunderbird 3.0.4

mozilla thunderbird 3.0.5

mozilla thunderbird 2.0.0.3

mozilla thunderbird 2.0.0.4

mozilla thunderbird 2.0.0.12

mozilla thunderbird 2.0.0.13

mozilla thunderbird 2.0.0.21

mozilla thunderbird 2.0.0.22

mozilla thunderbird 1.0.5

mozilla thunderbird 1.5.0.3

mozilla thunderbird 1.5.0.4

mozilla thunderbird 1.5.0.5

mozilla thunderbird 1.5.0.12

mozilla thunderbird 1.5.0.13

mozilla thunderbird 0.1

mozilla thunderbird 0.2

mozilla thunderbird 0.7.3

mozilla thunderbird 0.8

mozilla thunderbird 3.0.2

mozilla thunderbird 3.0.3

mozilla thunderbird 3.0.1

mozilla thunderbird 3.0

mozilla thunderbird 2.0.0.5

mozilla thunderbird 2.0.0.6

mozilla thunderbird 2.0.0.14

mozilla thunderbird 2.0.0.15

mozilla thunderbird 2.0.0.16

mozilla thunderbird 2.0.0.23

mozilla thunderbird 1.0

mozilla thunderbird 1.0.6

mozilla thunderbird 1.0.7

mozilla thunderbird 1.5.0.6

mozilla thunderbird 1.5.0.7

mozilla thunderbird 1.5.0.14

mozilla thunderbird 1.5

mozilla thunderbird 0.3

mozilla thunderbird 0.4

mozilla thunderbird 0.9

mozilla thunderbird

mozilla thunderbird 2.0.0.1

mozilla thunderbird 2.0.0.2

mozilla thunderbird 2.0.0.9

mozilla thunderbird 2.0.0.11

mozilla thunderbird 2.0.0.19

mozilla thunderbird 2.0.0.20

mozilla thunderbird 1.0.3

mozilla thunderbird 1.0.4

mozilla thunderbird 1.5.0.1

mozilla thunderbird 1.5.0.2

mozilla thunderbird 1.5.0.10

mozilla thunderbird 1.5.0.11

mozilla thunderbird 1.5.1

mozilla thunderbird 1.5.2

mozilla thunderbird 0.7

mozilla thunderbird 0.7.1

mozilla thunderbird 0.7.2

mozilla thunderbird 3.0.6

mozilla thunderbird 2.0.0.0

mozilla thunderbird 2.0.0.7

mozilla thunderbird 2.0.0.8

mozilla thunderbird 2.0.0.17

mozilla thunderbird 2.0.0.18

mozilla thunderbird 1.0.1

mozilla thunderbird 1.0.2

mozilla thunderbird 1.0.8

mozilla thunderbird 1.5.0.8

mozilla thunderbird 1.5.0.9

mozilla thunderbird 1.7.1

mozilla thunderbird 1.7.3

mozilla thunderbird 0.5

mozilla thunderbird 0.6

Vendor Advisories

Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic Updated firefox packages that fix several security issues are now availablefor Red Hat Enterprise Linux 4 and 5The Red Hat Security Response Team has rated this update as having criticalsecurity impact Common Vulner ...
Ubuntu Security Notice: ant, apturl, epiphany-browser, gluezilla, gnome-python-extras, liferea, mozvoikko, openjdk-6, packagekit, ubufox, webfav, yelp update
This update is for use with the new Xulrunner provided in USN-930-4 ...
Ubuntu Security Notice: firefox, firefox-3.0, xulrunner-1.9.2 vulnerability
Firefox could be made to run programs as your login if it opened a specially crafted file or website ...
Ubuntu Security Notice: firefox, firefox-3.0, xulrunner-1.9.2 vulnerabilities
Firefox could be made to run programs as your login if it opened a specially crafted file or website ...
Ubuntu Security Notice: firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities
Firefox could be made to run programs as your login if it opened a specially crafted file or website ...
Mozilla: Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish
Mozilla Foundation Security Advisory 2010-44 Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish Announced July 20, 2010 Reporter O Andersen Impact Moderate Products Firefox, Thunderbird ...

References

CWE-20https://bugzilla.mozilla.org/show_bug.cgi?id=564679http://www.mozilla.org/security/announce/2010/mfsa2010-44.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11863https://access.redhat.com/errata/RHSA-2010:0547https://nvd.nist.govhttps://usn.ubuntu.com/930-5/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook