← voltar
CVE-2010-3769

CVE-2010-3769

EPSS 4.6%
The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.htmlhttp://osvdb.org/69771https://bugzilla.mozilla.org/show_bug.cgi?id=608336http://secunia.com/advisories/42716http://secunia.com/advisories/42818https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12342http://www.debian.org/security/2010/dsa-2132http://www.mandriva.com/security/advisories?name=MDVSA-2010:251http://www.mandriva.com/security/advisories?name=MDVSA-2010:258http://www.mozilla.org/security/announce/2010/mfsa2010-75.html