← Volver a CVEs
CVE-2010-3768
N/ADescripcion
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado12/10/2010
Ultima modificacion4/29/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
mozilla:firefoxmozilla:seamonkeymozilla:thunderbird
Debilidades (CWE)
CWE-20
Referencias
http://secunia.com/advisories/42716(cve@mitre.org)
http://secunia.com/advisories/42818(cve@mitre.org)
http://support.avaya.com/css/P8/documents/100124650(cve@mitre.org)
http://www.redhat.com/support/errata/RHSA-2010-0966.html(cve@mitre.org)
http://www.redhat.com/support/errata/RHSA-2010-0969.html(cve@mitre.org)
http://www.securityfocus.com/bid/45352(cve@mitre.org)
http://www.securitytracker.com/id?1024846(cve@mitre.org)
http://www.securitytracker.com/id?1024848(cve@mitre.org)
http://www.ubuntu.com/usn/USN-1019-1(cve@mitre.org)
http://www.ubuntu.com/usn/USN-1020-1(cve@mitre.org)
http://www.vupen.com/english/advisories/2011/0030(cve@mitre.org)
https://bugzilla.mozilla.org/show_bug.cgi?id=527276(cve@mitre.org)
https://bugzilla.redhat.com/show_bug.cgi?id=660420(cve@mitre.org)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12533(cve@mitre.org)
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052110.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052220.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/42716(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/42818(af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/css/P8/documents/100124650(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2010:251(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2010:258(af854a3a-2127-422b-91ae-364da2661108)
http://www.mozilla.org/security/announce/2010/mfsa2010-78.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2010-0966.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2010-0969.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/45352(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1024846(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1024848(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-1019-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-1020-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0030(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.mozilla.org/show_bug.cgi?id=527276(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=660420(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12533(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.