CVE-2010-1214

HIGH

Description

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.

References

http://www.mozilla.org/security/announce/2010/mfsa2010-37.html

https://bugzilla.mozilla.org/show_bug.cgi?id=572985

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11685

Details

Source: MITRE

Published: 2010-07-30

Updated: 2017-09-19

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH