← volver
CVE-2010-1199

CVE-2010-1199

EPSS 11.4%
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
Productos afectados
n/a · n/a
PoCs públicas encontradas3
cve_referencewww.exploit-db.com/exploits/14949no verificadoexploitdbwww.exploit-db.com/exploits/34192no verificadoexploitdbwww.exploit-db.com/exploits/14949no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=554255http://secunia.com/advisories/40323http://secunia.com/advisories/40326http://secunia.com/advisories/40401http://secunia.com/advisories/40481https://exchange.xforce.ibmcloud.com/vulnerabilities/59666https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10885https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13287http://support.avaya.com/css/P8/documents/100091069