9.3
CVE-2010-2752
- EPSS 9.78%
- Veröffentlicht 30.07.2010 20:30:02
- Zuletzt bearbeitet 16.06.2026 23:21:26
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird Version3.0
Mozilla ≫ Thunderbird Version3.0.1
Mozilla ≫ Thunderbird Version3.0.2
Mozilla ≫ Thunderbird Version3.0.3
Mozilla ≫ Thunderbird Version3.0.4
Mozilla ≫ Thunderbird Version3.0.5
Mozilla ≫ Thunderbird Version3.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.78% | 0.949 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://www.mozilla.org/security/announce/2010/mfsa2010-39.html
http://www.securityfocus.com/archive/1/512514
http://www.securityfocus.com/bid/41852
http://www.zerodayinitiative.com/advisories/ZDI-10-133/
https://bugzilla.mozilla.org/show_bug.cgi?id=574059
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11680