CVE-2010-0159

Severity

99%

Complexity

99%

Confidentiality

165%

The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.

The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 15 years ago

2010-02-22 13:00:00

Last updated 6 years ago

2018-11-16 15:56:00

Affected Software

Mozilla Firefox

Mozilla SeaMonkey

Mozilla Thunderbird

Debian GNU/Linux 5.0

5.0

Canonical Ubuntu Linux 8.04 LTS (Long-Term Support)

8.04

Canonical Ubuntu Linux 8.10

8.10

Canonical Ubuntu Linux 9.04

9.04

Canonical Ubuntu Linux 9.10

9.10

References

FEDORA-2010-1932

Mailing List, Third Party Advisory

FEDORA-2010-1936

Mailing List, Third Party Advisory

FEDORA-2010-1727

Mailing List, Third Party Advisory

FEDORA-2010-3230

Mailing List, Third Party Advisory

FEDORA-2010-3267

Mailing List, Third Party Advisory

SUSE-SA:2010:015

Mailing List, Third Party Advisory

37242

Third Party Advisory

38770

Third Party Advisory

38772

Third Party Advisory

38847

Third Party Advisory

DSA-1999

Third Party Advisory

MDVSA-2010:042

Third Party Advisory

http://www.mozilla.org/security/announce/2010/mfsa2010-01.html

Vendor Advisory

RHSA-2010:0112

Third Party Advisory

RHSA-2010:0113

Third Party Advisory

RHSA-2010:0153

Third Party Advisory

RHSA-2010:0154

Third Party Advisory

USN-895-1

Third Party Advisory

USN-896-1

Third Party Advisory

ADV-2010-0405

Third Party Advisory

ADV-2010-0650

Third Party Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=467005

Issue Tracking, Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=501934

Issue Tracking, Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=527567

Issue Tracking, Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=528134

Issue Tracking, Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=528300

Issue Tracking, Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=530880

Issue Tracking, Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=534082

Issue Tracking, Vendor Advisory

mozilla-browsereng-code-execution(56359)

Third Party Advisory, VDB Entry

oval:org.mitre.oval:def:8485

Third Party Advisory

oval:org.mitre.oval:def:9590

Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.