← Zuruck zu CVEs

CVE-2010-3769

N/A

Beschreibung

The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read.

CVE Details

CVSS v3.1 BewertungN/A

Veroffentlicht12/10/2010

Zuletzt geandert4/29/2026

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

microsoft:windowsmozilla:firefoxmozilla:seamonkeymozilla:thunderbird

Schwachen (CWE)

CWE-119

Referenzen

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html(cve@mitre.org)

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html(cve@mitre.org)

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html(cve@mitre.org)

http://osvdb.org/69771(cve@mitre.org)

http://secunia.com/advisories/42716(cve@mitre.org)

http://secunia.com/advisories/42818(cve@mitre.org)

http://www.debian.org/security/2010/dsa-2132(cve@mitre.org)

http://www.mandriva.com/security/advisories?name=MDVSA-2010:251(cve@mitre.org)

http://www.mandriva.com/security/advisories?name=MDVSA-2010:258(cve@mitre.org)

http://www.mozilla.org/security/announce/2010/mfsa2010-75.html(cve@mitre.org)

http://www.securityfocus.com/bid/45345(cve@mitre.org)

http://www.securitytracker.com/id?1024846(cve@mitre.org)

http://www.securitytracker.com/id?1024848(cve@mitre.org)

http://www.vupen.com/english/advisories/2011/0030(cve@mitre.org)

https://bugzilla.mozilla.org/show_bug.cgi?id=608336(cve@mitre.org)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12342(cve@mitre.org)

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html(af854a3a-2127-422b-91ae-364da2661108)

http://osvdb.org/69771(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/42716(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/42818(af854a3a-2127-422b-91ae-364da2661108)

http://www.debian.org/security/2010/dsa-2132(af854a3a-2127-422b-91ae-364da2661108)

http://www.mandriva.com/security/advisories?name=MDVSA-2010:251(af854a3a-2127-422b-91ae-364da2661108)

http://www.mandriva.com/security/advisories?name=MDVSA-2010:258(af854a3a-2127-422b-91ae-364da2661108)

http://www.mozilla.org/security/announce/2010/mfsa2010-75.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/45345(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id?1024846(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id?1024848(af854a3a-2127-422b-91ae-364da2661108)

http://www.vupen.com/english/advisories/2011/0030(af854a3a-2127-422b-91ae-364da2661108)

https://bugzilla.mozilla.org/show_bug.cgi?id=608336(af854a3a-2127-422b-91ae-364da2661108)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12342(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.