CVE-2010-3167

HIGH

Description

The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability."

References

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox

http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html

http://secunia.com/advisories/42867

http://support.avaya.com/css/P8/documents/100110210

http://support.avaya.com/css/P8/documents/100112690

http://www.debian.org/security/2010/dsa-2106

http://www.mandriva.com/security/advisories?name=MDVSA-2010:173

http://www.mozilla.org/security/announce/2010/mfsa2010-56.html

http://www.securityfocus.com/bid/43097

http://www.vupen.com/english/advisories/2010/2323

http://www.vupen.com/english/advisories/2011/0061

http://www.zerodayinitiative.com/advisories/ZDI-10-171/

https://bugzilla.mozilla.org/show_bug.cgi?id=576070

https://exchange.xforce.ibmcloud.com/vulnerabilities/61661

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12136

Details

Source: MITRE

Published: 2010-09-09

Updated: 2017-09-19

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH