CVE-2010-3777

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052110.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052220.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html

http://secunia.com/advisories/42716

http://secunia.com/advisories/42818

http://support.avaya.com/css/P8/documents/100124650

http://www.mandriva.com/security/advisories?name=MDVSA-2010:251

http://www.mandriva.com/security/advisories?name=MDVSA-2010:258

http://www.mozilla.org/security/announce/2010/mfsa2010-74.html

http://www.redhat.com/support/errata/RHSA-2010-0966.html

http://www.redhat.com/support/errata/RHSA-2010-0969.html

http://www.securityfocus.com/bid/45348

http://www.securitytracker.com/id?1024846

http://www.securitytracker.com/id?1024848

http://www.ubuntu.com/usn/USN-1019-1

http://www.ubuntu.com/usn/USN-1020-1

http://www.vupen.com/english/advisories/2011/0030

https://bugzilla.mozilla.org/show_bug.cgi?id=599607

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12468

Details

Source: MITRE

Published: 2010-12-10

Updated: 2017-09-19

Type: CWE-119

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (47 total)

IDNameProductFamilySeverity
75735openSUSE Security Update : seamonkey (seamonkey-3690)NessusSuSE Local Security Checks
high
75673openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-4073)NessusSuSE Local Security Checks
critical
75672openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-3689)NessusSuSE Local Security Checks
high
75662openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3687)NessusSuSE Local Security Checks
high
75649openSUSE Security Update : MozillaFirefox (MozillaFirefox-3688)NessusSuSE Local Security Checks
high
68159Oracle Linux 6 : thunderbird (ELSA-2010-0969)NessusOracle Linux Local Security Checks
high
68156Oracle Linux 4 / 5 / 6 : firefox (ELSA-2010-0966)NessusOracle Linux Local Security Checks
high
63402GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)NessusGentoo Local Security Checks
critical
60916Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
53797openSUSE Security Update : seamonkey (seamonkey-3690)NessusSuSE Local Security Checks
high
53777openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-4073)NessusSuSE Local Security Checks
critical
53776openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-3689)NessusSuSE Local Security Checks
high
53773openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3687)NessusSuSE Local Security Checks
high
53769openSUSE Security Update : MozillaFirefox (MozillaFirefox-3688)NessusSuSE Local Security Checks
high
53688openSUSE Security Update : seamonkey (seamonkey-3690)NessusSuSE Local Security Checks
high
53684openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-3689)NessusSuSE Local Security Checks
high
53683openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3687)NessusSuSE Local Security Checks
high
53682openSUSE Security Update : MozillaFirefox (MozillaFirefox-3688)NessusSuSE Local Security Checks
high
52652SuSE 10 Security Update : mozilla-xulrunner191 (ZYPP Patch Number 7363)NessusSuSE Local Security Checks
critical
52651SuSE 11.1 Security Update : mozilla-xulrunner191 (SAT Patch Number 4085)NessusSuSE Local Security Checks
critical
52530Firefox 3.5 < 3.5.17 Multiple VulnerabilitiesNessusWindows
high
51777CentOS 4 : firefox (CESA-2010:0966)NessusCentOS Local Security Checks
high
51627SuSE 11.1 Security Update : Mozilla XULrunner (SAT Patch Number 3694)NessusSuSE Local Security Checks
high
51591SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 3693)NessusSuSE Local Security Checks
high
51411SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7280)NessusSuSE Local Security Checks
high
51362Fedora 14 : seamonkey-2.0.11-1.fc14 (2010-18920)NessusFedora Local Security Checks
high
51361Fedora 13 : seamonkey-2.0.11-1.fc13 (2010-18890)NessusFedora Local Security Checks
high
51353Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2010:258)NessusMandriva Local Security Checks
high
51151Fedora 13 : thunderbird-3.1.7-2.fc13 (2010-18778)NessusFedora Local Security Checks
high
51137Fedora 14 : thunderbird-3.1.7-2.fc14 (2010-18777)NessusFedora Local Security Checks
high
51132FreeBSD : mozilla -- multiple vulnerabilities (1d8ff4a2-0445-11e0-8e32-000f20797ede)NessusFreeBSD Local Security Checks
high
51131Fedora 13 : firefox-3.6.13-1.fc13 / galeon-2.0.7-36.fc13 / gnome-python2-extras-2.25.3-25.fc13 / etc (2010-18775)NessusFedora Local Security Checks
high
51130Fedora 14 : firefox-3.6.13-1.fc14 / galeon-2.0.7-36.fc14.1 / gnome-python2-extras-2.25.3-26.fc14.1 / etc (2010-18773)NessusFedora Local Security Checks
high
801367Mozilla Thunderbird 3.0.x < 3.0.11 Multiple Vulnerabilities Log Correlation EngineSMTP Clients
high
801315Mozilla Thunderbird 3.1.x < 3.1.7 Multiple VulnerabilitiesLog Correlation EngineSMTP Clients
high
5730Mozilla Thunderbird 3.1.x < 3.1.7 Multiple VulnerabilitiesNessus Network MonitorSMTP Clients
medium
5729Mozilla Thunderbird 3.0.x < 3.0.11 Multiple Vulnerabilities Nessus Network MonitorSMTP Clients
medium
51123Mozilla Thunderbird 3.1.x < 3.1.7 Multiple VulnerabilitiesNessusWindows
high
51122Mozilla Thunderbird < 3.0.11 Multiple VulnerabilitiesNessusWindows
high
51121Firefox 3.6 < 3.6.13 Multiple VulnerabilitiesNessusWindows
high
51115Ubuntu 10.04 LTS / 10.10 : thunderbird, thunderbird-locales vulnerabilities (USN-1020-1)NessusUbuntu Local Security Checks
high
51114Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : firefox, firefox-{3.0,3.5}, xulrunner-1.9.{1,2} vulnerabilities (USN-1019-1)NessusUbuntu Local Security Checks
high
51110RHEL 6 : thunderbird (RHSA-2010:0969)NessusRed Hat Local Security Checks
high
51107RHEL 4 / 5 / 6 : firefox (RHSA-2010:0966)NessusRed Hat Local Security Checks
high
51106Mandriva Linux Security Advisory : firefox (MDVSA-2010:251-2)NessusMandriva Local Security Checks
high
801273Mozilla Firefox 3.6.x < 3.6.13 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
5727Mozilla Firefox 3.6.x < 3.6.13 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high