CVE-2010-3776

high

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052110.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052220.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html

http://secunia.com/advisories/42716

http://secunia.com/advisories/42818

http://support.avaya.com/css/P8/documents/100124650

http://www.debian.org/security/2010/dsa-2132

http://www.mandriva.com/security/advisories?name=MDVSA-2010:251

http://www.mandriva.com/security/advisories?name=MDVSA-2010:258

http://www.mozilla.org/security/announce/2010/mfsa2010-74.html

http://www.redhat.com/support/errata/RHSA-2010-0966.html

http://www.redhat.com/support/errata/RHSA-2010-0967.html

http://www.redhat.com/support/errata/RHSA-2010-0968.html

http://www.redhat.com/support/errata/RHSA-2010-0969.html

http://www.securityfocus.com/bid/45347

http://www.securitytracker.com/id?1024846

http://www.securitytracker.com/id?1024848

http://www.ubuntu.com/usn/USN-1019-1

http://www.ubuntu.com/usn/USN-1020-1

http://www.vupen.com/english/advisories/2011/0030

https://bugzilla.mozilla.org/show_bug.cgi?id=468563

https://bugzilla.mozilla.org/show_bug.cgi?id=569162

https://bugzilla.mozilla.org/show_bug.cgi?id=571995

https://bugzilla.mozilla.org/show_bug.cgi?id=599166

https://bugzilla.mozilla.org/show_bug.cgi?id=601699

https://bugzilla.mozilla.org/show_bug.cgi?id=604843

https://bugzilla.mozilla.org/show_bug.cgi?id=605307

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12389

Details

Source: MITRE

Published: 2010-12-10

Updated: 2017-09-19

Type: CWE-119

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH