CVE-2010-1214

Advisory lineage Upstream: 0 Downstream: 7

Downstream

DSA-2075-1 OPENSUSE-SU-2024:10071-1 OPENSUSE-SU-2024:14572-1 RHSA-2010:0544 RHSA-2010:0545 RHSA-2010:0546

Modified

Published: 30 Jul 2010, 20:00

Last modified:07 Aug 2024, 01:14

Vulnerability Summary

Overall Risk (default)

high

70/100

CVSS Score

9.3 HIGH

v2.0 (nvd)

EPSS Score

7.34% LOW

7% probability +2.99%

KEV

Not listed

Ransomware

No reports

Public exploits

2 found

Dark Web

Not detected

Timeline

30 Jul 2010, 20:00

Published

Vulnerability first disclosed

07 Aug 2024, 01:14

Last Modified

Vulnerability information updated

Description

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.

CVSS Metrics

v2.0•HIGH•Score: 9.3AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 7.34%• Percentile: 92%

Techniques & Countermeasures

CWE-189•Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.

Affected Systems

mozilla•firefox
3.5.1 | 3.5.2 | 3.5.3 | 3.5.4 | 3.5.5 | 3.5.6 | 3.5.7 | 3.5.9 | 3.5.10 | 3.6.1 | 3.6.2 | 3.6.3 | 3.6.4 | 3.6.6
mozilla•seamonkey
≤ 2.0.5 | 1.0 | 1.0:alpha | 1.0:beta | 1.0.1 | 1.0.2 | 1.0.3 | 1.0.4 | 1.0.5 | 1.0.6 | 1.0.7 | 1.0.8 | 1.0.9 | 1.1 | 1.1:alpha | 1.1:beta | 1.1.1 | 1.1.2 | 1.1.3 | 1.1.4 | 1.1.5 | 1.1.6 | 1.1.7 | 1.1.8 | 1.1.9 | 1.1.10 | 1.1.11 | 1.1.12 | 1.1.13 | 1.1.14 | 1.1.15 | 1.1.16 | 1.1.17 | 1.1.18 | 1.1.19 | 1.5.0.8 | 1.5.0.9 | 1.5.0.10 | 2.0 | 2.0:alpha_1 | 2.0:alpha_2 | 2.0:alpha_3 | 2.0:beta_1 | 2.0:beta_2 | 2.0:rc1 | 2.0:rc2 | 2.0.1 | 2.0.2 | 2.0.3 | 2.0.4 | 2.0a1pre