what you don't know can hurt you
Showing 1 - 8 of 8 RSS Feed

CVE-2010-3168

Status Candidate

Overview

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.

Related Files

Debian Linux Security Advisory 2106-2
Posted Sep 21, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2106-2 - DSA-2106-1 introduced a regression that could lead to an application crash. This update fixes this problem. Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2010-2760, CVE-2010-2763, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
MD5 | 2de4ce0cb45fbecf49d266a50e32cfaf
Ubuntu Security Notice 978-2
Posted Sep 18, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 978-2 - USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem. Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Thunderbird when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.

tags | advisory, overflow, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2760, CVE-2010-2763, CVE-2010-2764, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-3166, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
MD5 | ec7ca46b4fd599abb60f7457e52ba746
Ubuntu Security Notice 975-2
Posted Sep 18, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 975-2 - USN-975-1 fixed vulnerabilities in Firefox and Xulrunner. Some users reported stability problems under certain circumstances. This update fixes the problem. Several dangling pointer vulnerabilities were discovered in Firefox. Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper (SJOW) security wrapper. Various other issues were addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2760, CVE-2010-2762, CVE-2010-2764, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-3166, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
MD5 | 275833fb8fb2c88da5027f3f678e76ef
Zero Day Initiative Advisory 10-172
Posted Sep 14, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-172 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the support for XUL <tree> objects. If a specific property of a tree object is set and the parent node attempts to remove the child, the process can be made to access invalid memory. This can be abused by an attacker to execute remote code under the context of the user running the browser.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3168
MD5 | 4be0302d27c042906e5ae5c8009aa30a
Mandriva Linux Security Advisory 2010-173
Posted Sep 11, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-173 - Security issues were identified and fixed in firefox and mozilla-thinderbird. Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests. Cross-site scripting vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled. Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote attackers to bypass cross-site scripting protection mechanisms via UTF-7 encoding. Various other issues were addressed.

tags | advisory, remote, web, arbitrary, xss
systems | linux, mandriva
advisories | CVE-2010-2764, CVE-2010-2769, CVE-2010-2768, CVE-2010-2762, CVE-2010-2766, CVE-2010-3167, CVE-2010-3168, CVE-2010-2760, CVE-2010-2765, CVE-2010-3166, CVE-2010-2767, CVE-2010-3169
MD5 | bdf0c71494fe71aeb99e91f83382b1be
Ubuntu Security Notice 978-1
Posted Sep 9, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 978-1 - Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Thunderbird when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.

tags | advisory, overflow, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2760, CVE-2010-2763, CVE-2010-2764, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-3166, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
MD5 | 2d45db4f2a4e1a2ed7f7af3dab4a9117
Ubuntu Security Notice 975-1
Posted Sep 9, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 975-1 - Several dangling pointer vulnerabilities were discovered in Firefox. Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper (SJOW) security wrapper. Matt Haggard discovered that Firefox did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Firefox processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Firefox when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.

tags | advisory, overflow, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2760, CVE-2010-2762, CVE-2010-2764, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-3166, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
MD5 | 24ce7eef0734edef2ca67538df5ea039
Debian Linux Security Advisory 2106-1
Posted Sep 9, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2106-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2010-2760, CVE-2010-2763, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
MD5 | 2b68600653e970188ba3edbc6553146e
Page 1 of 1
Back1Next

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    1 Files
  • 24
    May 24th
    1 Files
  • 25
    May 25th
    2 Files
  • 26
    May 26th
    23 Files
  • 27
    May 27th
    7 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close