CVE-2010-1199

HIGH

Description

Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.

References

http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html

http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html

http://secunia.com/advisories/40323

http://secunia.com/advisories/40326

http://secunia.com/advisories/40401

http://secunia.com/advisories/40481

http://support.avaya.com/css/P8/documents/100091069

http://ubuntu.com/usn/usn-930-1

http://www.exploit-db.com/exploits/14949

http://www.mandriva.com/security/advisories?name=MDVSA-2010:125

http://www.mozilla.org/security/announce/2010/mfsa2010-30.html

http://www.redhat.com/support/errata/RHSA-2010-0499.html

http://www.redhat.com/support/errata/RHSA-2010-0500.html

http://www.redhat.com/support/errata/RHSA-2010-0501.html

http://www.securityfocus.com/archive/1/511972/100/0/threaded

http://www.securityfocus.com/bid/41050

http://www.securityfocus.com/bid/41082

http://www.securitytracker.com/id?1024138

http://www.securitytracker.com/id?1024139

http://www.ubuntu.com/usn/usn-930-2

http://www.vupen.com/english/advisories/2010/1551

http://www.vupen.com/english/advisories/2010/1556

http://www.vupen.com/english/advisories/2010/1557

http://www.vupen.com/english/advisories/2010/1592

http://www.vupen.com/english/advisories/2010/1640

http://www.vupen.com/english/advisories/2010/1773

http://www.zerodayinitiative.com/advisories/ZDI-10-113

https://bugzilla.mozilla.org/show_bug.cgi?id=554255

https://exchange.xforce.ibmcloud.com/vulnerabilities/59666

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10885

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13287

Details

Source: MITRE

Published: 2010-06-24

Updated: 2018-10-10

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH