CVE-2010-1199
Vulnerability Summary
Timeline
Description
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
CVSS Metrics
- v2.0•HIGH•Score: 9.3AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS Trends
Current EPSS score: 42.70%• Percentile: 98%
Techniques & Countermeasures
- CWE-189•Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.
Affected Systems
- mozilla•firefox
3.5 | 3.5.1 | 3.5.2 | 3.5.3 | 3.5.4 | 3.5.5 | 3.5.6 | 3.5.7 | 3.5.9 | 3.6 | 3.6.2 | 3.6.3
- mozilla•seamonkey
≤ 2.0.4 | 1.0 | 1.0:alpha | 1.0:beta | 1.0.1 | 1.0.2 | 1.0.3 | 1.0.4 | 1.0.5 | 1.0.6 | 1.0.7 | 1.0.8 | 1.0.9 | 1.1 | 1.1:alpha | 1.1:beta | 1.1.1 | 1.1.2 | 1.1.3 | 1.1.4 | 1.1.5 | 1.1.6 | 1.1.7 | 1.1.8 | 1.1.9 | 1.1.10 | 1.1.11 | 1.1.12 | 1.1.13 | 1.1.14 | 1.1.15 | 1.1.16 | 1.1.17 | 1.1.18 | 1.1.19 | 2.0 | 2.0:alpha_1 | 2.0:alpha_2 | 2.0:alpha_3 | 2.0:beta_1 | 2.0:beta_2 | 2.0:rc1 | 2.0:rc2 | 2.0.1 | 2.0.2 | 2.0.3
- mozilla•thunderbird
≤ 3.0.4 | 0.1 | 0.2 | 0.3 | 0.4 | 0.5 | 0.6 | 0.7 | 0.8 | 0.9 | 1.0 | 1.0.2 | 1.0.5 | 1.0.6 | 1.0.7 | 1.0.8 | 1.5 | 1.5.0.2 | 1.5.0.4 | 1.5.0.5 | 1.5.0.7 | 1.5.0.8 | 1.5.0.9 | 1.5.0.10 | 1.5.0.12 | 1.5.0.13 | 1.5.0.14 | 2.0.0.0 | 2.0.0.4 | 2.0.0.5 | 2.0.0.6 | 2.0.0.9 | 2.0.0.12 | 2.0.0.14 | 2.0.0.16 | 2.0.0.17 | 2.0.0.18 | 2.0.0.19 | 3.0 | 3.0.1 | 3.0.2 | 3.0.3
References (32)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59666
- http://secunia.com/advisories/40481
- http://ubuntu.com/usn/usn-930-1
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13287
- http://www.exploit-db.com/exploits/14949
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html
- http://www.securitytracker.com/id?1024138
- http://www.vupen.com/english/advisories/2010/1640
- http://www.securityfocus.com/bid/41050
- http://www.redhat.com/support/errata/RHSA-2010-0501.html
- http://www.vupen.com/english/advisories/2010/1557
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:125
- http://www.vupen.com/english/advisories/2010/1773
- https://bugzilla.mozilla.org/show_bug.cgi?id=554255
- http://www.redhat.com/support/errata/RHSA-2010-0499.html
- http://www.vupen.com/english/advisories/2010/1556
- http://www.vupen.com/english/advisories/2010/1592
- http://www.ubuntu.com/usn/usn-930-2
- http://www.vupen.com/english/advisories/2010/1551
- http://www.securityfocus.com/bid/41082
- http://www.redhat.com/support/errata/RHSA-2010-0500.html
- http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html
- http://www.securityfocus.com/archive/1/511972/100/0/threaded
- http://www.zerodayinitiative.com/advisories/ZDI-10-113
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10885
- http://secunia.com/advisories/40323
- http://www.mozilla.org/security/announce/2010/mfsa2010-30.html
- http://secunia.com/advisories/40401
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html
- http://secunia.com/advisories/40326
- http://support.avaya.com/css/P8/documents/100091069
- http://www.securitytracker.com/id?1024139