CVE-2010-0159

🟠 Łataj w tym tygodniu

Błąd w silniku przeglądarki Mozilla Firefox umożliwia zdalne wywołanie awarii aplikacji.

CVSS

10.0

EPSS

2.5%

Exploit

none

Vendor

canonical

Opis źródłowy (NVD)

The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.

dos Brak patcha

Źródła i daty

Źródło	Wartość
NVD – CVSS	10.0
CISA KEV (aktywnie wykorzystywane)	Nie
FIRST EPSS (prawdopodobieństwo exploita)	2.5%
Opublikowano (NVD)	2010-02-22 13:00:02 UTC
Ostatnia modyfikacja (NVD)	2026-04-29 01:13:23 UTC

Referencje

http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.html (cve@mitre.org) [Mailing List, Third Party Advisory]
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.html (cve@mitre.org) [Mailing List, Third Party Advisory]
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.html (cve@mitre.org) [Mailing List, Third Party Advisory]
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036097.html (cve@mitre.org) [Mailing List, Third Party Advisory]
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036132.html (cve@mitre.org) [Mailing List, Third Party Advisory]
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html (cve@mitre.org) [Mailing List, Third Party Advisory]
http://secunia.com/advisories/37242 (cve@mitre.org) [Third Party Advisory]
http://secunia.com/advisories/38770 (cve@mitre.org) [Third Party Advisory]
http://secunia.com/advisories/38772 (cve@mitre.org) [Third Party Advisory]
http://secunia.com/advisories/38847 (cve@mitre.org) [Third Party Advisory]
http://www.debian.org/security/2010/dsa-1999 (cve@mitre.org) [Third Party Advisory]
http://www.mandriva.com/security/advisories?name=MDVSA-2010:042 (cve@mitre.org) [Third Party Advisory]
http://www.mozilla.org/security/announce/2010/mfsa2010-01.html (cve@mitre.org) [Vendor Advisory]
http://www.redhat.com/support/errata/RHSA-2010-0112.html (cve@mitre.org) [Third Party Advisory]
http://www.redhat.com/support/errata/RHSA-2010-0113.html (cve@mitre.org) [Third Party Advisory]
http://www.redhat.com/support/errata/RHSA-2010-0153.html (cve@mitre.org) [Third Party Advisory]
http://www.redhat.com/support/errata/RHSA-2010-0154.html (cve@mitre.org) [Third Party Advisory]
http://www.ubuntu.com/usn/USN-895-1 (cve@mitre.org) [Third Party Advisory]
http://www.ubuntu.com/usn/USN-896-1 (cve@mitre.org) [Third Party Advisory]
http://www.vupen.com/english/advisories/2010/0405 (cve@mitre.org) [Third Party Advisory]
http://www.vupen.com/english/advisories/2010/0650 (cve@mitre.org) [Third Party Advisory]
https://bugzilla.mozilla.org/show_bug.cgi?id=467005 (cve@mitre.org) [Issue Tracking, Vendor Advisory]
https://bugzilla.mozilla.org/show_bug.cgi?id=501934 (cve@mitre.org) [Issue Tracking, Vendor Advisory]
https://bugzilla.mozilla.org/show_bug.cgi?id=527567 (cve@mitre.org) [Issue Tracking, Vendor Advisory]
https://bugzilla.mozilla.org/show_bug.cgi?id=528134 (cve@mitre.org) [Issue Tracking, Vendor Advisory]
https://bugzilla.mozilla.org/show_bug.cgi?id=528300 (cve@mitre.org) [Issue Tracking, Vendor Advisory]
https://bugzilla.mozilla.org/show_bug.cgi?id=530880 (cve@mitre.org) [Issue Tracking, Vendor Advisory]
https://bugzilla.mozilla.org/show_bug.cgi?id=534082 (cve@mitre.org) [Issue Tracking, Vendor Advisory]
https://exchange.xforce.ibmcloud.com/vulnerabilities/56359 (cve@mitre.org) [Third Party Advisory, VDB Entry]
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8485 (cve@mitre.org) [Third Party Advisory]
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9590 (cve@mitre.org) [Third Party Advisory]