← Zuruck zu CVEs

CVE-2010-3765

CRITICALCISA KEV

9.8

Beschreibung

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht10/28/2010

Zuletzt geandert10/22/2025

Quellekev

Honeypot-Sichtungen0

CISA KEV

HerstellerMozilla

ProduktMultiple Products

SchwachstellennameMozilla Multiple Products Remote Code Execution Vulnerability

KEV Aufnahmedatum2025-10-06

Behebungsfrist2025-10-27

Ransomware-NutzungUnknown

Betroffene Produkte

mozilla:firefoxmozilla:seamonkeymozilla:thunderbird

Schwachen (CWE)

CWE-119CWE-119

Referenzen

http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/(cve@mitre.org)

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox(cve@mitre.org)

http://isc.sans.edu/diary.html?storyid=9817(cve@mitre.org)

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html(cve@mitre.org)

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.html(cve@mitre.org)

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html(cve@mitre.org)

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html(cve@mitre.org)

http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed&utm_medium=twitter(cve@mitre.org)

http://secunia.com/advisories/41761(cve@mitre.org)

http://secunia.com/advisories/41965(cve@mitre.org)

http://secunia.com/advisories/41966(cve@mitre.org)

http://secunia.com/advisories/41969(cve@mitre.org)

http://secunia.com/advisories/41975(cve@mitre.org)

http://secunia.com/advisories/42003(cve@mitre.org)

http://secunia.com/advisories/42008(cve@mitre.org)

http://secunia.com/advisories/42043(cve@mitre.org)

http://secunia.com/advisories/42867(cve@mitre.org)

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.556706(cve@mitre.org)

http://support.avaya.com/css/P8/documents/100114329(cve@mitre.org)

http://support.avaya.com/css/P8/documents/100114335(cve@mitre.org)

http://www.debian.org/security/2010/dsa-2124(cve@mitre.org)

http://www.exploit-db.com/exploits/15341(cve@mitre.org)

http://www.exploit-db.com/exploits/15342(cve@mitre.org)

http://www.exploit-db.com/exploits/15352(cve@mitre.org)

http://www.mandriva.com/security/advisories?name=MDVSA-2010:213(cve@mitre.org)

http://www.mandriva.com/security/advisories?name=MDVSA-2010:219(cve@mitre.org)

http://www.mozilla.org/security/announce/2010/mfsa2010-73.html(cve@mitre.org)

http://www.norman.com/about_norman/press_center/news_archive/2010/129223/(cve@mitre.org)

http://www.norman.com/security_center/virus_description_archive/129146/(cve@mitre.org)

http://www.redhat.com/support/errata/RHSA-2010-0808.html(cve@mitre.org)

http://www.redhat.com/support/errata/RHSA-2010-0809.html(cve@mitre.org)

http://www.redhat.com/support/errata/RHSA-2010-0810.html(cve@mitre.org)

http://www.redhat.com/support/errata/RHSA-2010-0861.html(cve@mitre.org)

http://www.redhat.com/support/errata/RHSA-2010-0896.html(cve@mitre.org)

http://www.securityfocus.com/bid/44425(cve@mitre.org)

http://www.securitytracker.com/id?1024645(cve@mitre.org)

http://www.securitytracker.com/id?1024650(cve@mitre.org)

http://www.securitytracker.com/id?1024651(cve@mitre.org)

http://www.ubuntu.com/usn/USN-1011-2(cve@mitre.org)

http://www.ubuntu.com/usn/USN-1011-3(cve@mitre.org)

http://www.ubuntu.com/usn/usn-1011-1(cve@mitre.org)

http://www.vupen.com/english/advisories/2010/2837(cve@mitre.org)

http://www.vupen.com/english/advisories/2010/2857(cve@mitre.org)

http://www.vupen.com/english/advisories/2010/2864(cve@mitre.org)

http://www.vupen.com/english/advisories/2010/2871(cve@mitre.org)

http://www.vupen.com/english/advisories/2011/0061(cve@mitre.org)

https://bugzilla.mozilla.org/show_bug.cgi?id=607222(cve@mitre.org)

https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53(cve@mitre.org)

https://bugzilla.redhat.com/show_bug.cgi?id=646997(cve@mitre.org)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12108(cve@mitre.org)

https://rhn.redhat.com/errata/RHSA-2010-0812.html(cve@mitre.org)

http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/(af854a3a-2127-422b-91ae-364da2661108)

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox(af854a3a-2127-422b-91ae-364da2661108)

http://isc.sans.edu/diary.html?storyid=9817(af854a3a-2127-422b-91ae-364da2661108)

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html(af854a3a-2127-422b-91ae-364da2661108)

http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed&utm_medium=twitter(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/41761(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/41965(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/41966(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/41969(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/41975(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/42003(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/42008(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/42043(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/42867(af854a3a-2127-422b-91ae-364da2661108)

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.556706(af854a3a-2127-422b-91ae-364da2661108)

http://support.avaya.com/css/P8/documents/100114329(af854a3a-2127-422b-91ae-364da2661108)

http://support.avaya.com/css/P8/documents/100114335(af854a3a-2127-422b-91ae-364da2661108)

http://www.debian.org/security/2010/dsa-2124(af854a3a-2127-422b-91ae-364da2661108)

http://www.exploit-db.com/exploits/15341(af854a3a-2127-422b-91ae-364da2661108)

http://www.exploit-db.com/exploits/15342(af854a3a-2127-422b-91ae-364da2661108)

http://www.exploit-db.com/exploits/15352(af854a3a-2127-422b-91ae-364da2661108)

http://www.mandriva.com/security/advisories?name=MDVSA-2010:213(af854a3a-2127-422b-91ae-364da2661108)

http://www.mandriva.com/security/advisories?name=MDVSA-2010:219(af854a3a-2127-422b-91ae-364da2661108)

http://www.mozilla.org/security/announce/2010/mfsa2010-73.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.norman.com/about_norman/press_center/news_archive/2010/129223/(af854a3a-2127-422b-91ae-364da2661108)

http://www.norman.com/security_center/virus_description_archive/129146/(af854a3a-2127-422b-91ae-364da2661108)

http://www.redhat.com/support/errata/RHSA-2010-0808.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.redhat.com/support/errata/RHSA-2010-0809.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.redhat.com/support/errata/RHSA-2010-0810.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.redhat.com/support/errata/RHSA-2010-0861.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.redhat.com/support/errata/RHSA-2010-0896.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/44425(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id?1024645(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id?1024650(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id?1024651(af854a3a-2127-422b-91ae-364da2661108)

http://www.ubuntu.com/usn/USN-1011-2(af854a3a-2127-422b-91ae-364da2661108)

http://www.ubuntu.com/usn/USN-1011-3(af854a3a-2127-422b-91ae-364da2661108)

http://www.ubuntu.com/usn/usn-1011-1(af854a3a-2127-422b-91ae-364da2661108)

http://www.vupen.com/english/advisories/2010/2837(af854a3a-2127-422b-91ae-364da2661108)

http://www.vupen.com/english/advisories/2010/2857(af854a3a-2127-422b-91ae-364da2661108)

http://www.vupen.com/english/advisories/2010/2864(af854a3a-2127-422b-91ae-364da2661108)

http://www.vupen.com/english/advisories/2010/2871(af854a3a-2127-422b-91ae-364da2661108)

http://www.vupen.com/english/advisories/2011/0061(af854a3a-2127-422b-91ae-364da2661108)

https://bugzilla.mozilla.org/show_bug.cgi?id=607222(af854a3a-2127-422b-91ae-364da2661108)

https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53(af854a3a-2127-422b-91ae-364da2661108)

https://bugzilla.redhat.com/show_bug.cgi?id=646997(af854a3a-2127-422b-91ae-364da2661108)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12108(af854a3a-2127-422b-91ae-364da2661108)

https://rhn.redhat.com/errata/RHSA-2010-0812.html(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-3765(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.