National Vulnerability Database (NVD) National Vulnerability Database (CVE-2010-1198)

National Cyber Awareness System

Vulnerability Summary for CVE-2010-1198

Original release date:06/24/2010

Last revised:11/06/2012

Source: US-CERT/NIST

Overview

Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C) (legend)

Impact Subscore: 10.0

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type:Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: CONFIRM

Name: https://bugzilla.mozilla.org/show_bug.cgi?id=532246

Hyperlink:https://bugzilla.mozilla.org/show_bug.cgi?id=532246

External Source: XF

Name: firefox-plugin-instances-code-exec(59664)

Hyperlink:http://xforce.iss.net/xforce/xfdb/59664

External Source: VUPEN

Name: ADV-2010-1773

Hyperlink:http://www.vupen.com/english/advisories/2010/1773

External Source: VUPEN

Name: ADV-2010-1640

Hyperlink:http://www.vupen.com/english/advisories/2010/1640

External Source: VUPEN

Name: ADV-2010-1592

Hyperlink:http://www.vupen.com/english/advisories/2010/1592

External Source: VUPEN

Name: ADV-2010-1557

Hyperlink:http://www.vupen.com/english/advisories/2010/1557

External Source: VUPEN

Name: ADV-2010-1556

Hyperlink:http://www.vupen.com/english/advisories/2010/1556

External Source: VUPEN

Name: ADV-2010-1551

Hyperlink:http://www.vupen.com/english/advisories/2010/1551

External Source: UBUNTU

Name: USN-930-2

Hyperlink:http://www.ubuntu.com/usn/usn-930-2

External Source: SECTRACK

Name: 1024138

Hyperlink:http://www.securitytracker.com/id?1024138

External Source: BID

Name: 41102

Hyperlink:http://www.securityfocus.com/bid/41102

External Source: BID

Name: 41050

Hyperlink:http://www.securityfocus.com/bid/41050

External Source: REDHAT

Name: RHSA-2010:0501

Hyperlink:http://www.redhat.com/support/errata/RHSA-2010-0501.html

External Source: REDHAT

Name: RHSA-2010:0500

Hyperlink:http://www.redhat.com/support/errata/RHSA-2010-0500.html

External Source: REDHAT

Name: RHSA-2010:0499

Hyperlink:http://www.redhat.com/support/errata/RHSA-2010-0499.html

External Source: CONFIRM

Name: http://www.mozilla.org/security/announce/2010/mfsa2010-28.html

Type: Advisory

Hyperlink:http://www.mozilla.org/security/announce/2010/mfsa2010-28.html

External Source: MANDRIVA

Name: MDVSA-2010:125

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2010:125

External Source: UBUNTU

Name: USN-930-1

Hyperlink:http://ubuntu.com/usn/usn-930-1

External Source: CONFIRM

Name: http://support.avaya.com/css/P8/documents/100091069

Hyperlink:http://support.avaya.com/css/P8/documents/100091069

External Source: SECUNIA

Name: 40481

Hyperlink:http://secunia.com/advisories/40481

External Source: SECUNIA

Name: 40401

Hyperlink:http://secunia.com/advisories/40401

External Source: SECUNIA

Name: 40326

Hyperlink:http://secunia.com/advisories/40326

External Source: OVAL

Name: oval:org.mitre.oval:def:14176

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14176

External Source: OVAL

Name: oval:org.mitre.oval:def:10990

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10990

External Source: SUSE

Name: SUSE-SA:2010:030

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html

External Source: FEDORA

Name: FEDORA-2010-10361

Hyperlink:http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html

External Source: FEDORA

Name: FEDORA-2010-10344

Hyperlink:http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html

References to Check Content

Identifier:oval:org.mitre.oval:def:14176

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:14176

Identifier:oval:org.mitre.oval:def:10990

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10990

Vulnerable software and versions

Configuration 1

* cpe:/a:mozilla:firefox:3.5

* cpe:/a:mozilla:firefox:3.5.1

* cpe:/a:mozilla:firefox:3.5.2

* cpe:/a:mozilla:firefox:3.5.3

* cpe:/a:mozilla:firefox:3.5.4

* cpe:/a:mozilla:firefox:3.5.5

* cpe:/a:mozilla:firefox:3.5.6

* cpe:/a:mozilla:firefox:3.5.7

* cpe:/a:mozilla:firefox:3.5.9

Configuration 2

* cpe:/a:mozilla:seamonkey:2.0.4 and previous versions

* cpe:/a:mozilla:seamonkey:2.0.3

* cpe:/a:mozilla:seamonkey:2.0.2

* cpe:/a:mozilla:seamonkey:2.0.1

* cpe:/a:mozilla:seamonkey:2.0

* cpe:/a:mozilla:seamonkey:2.0:rc2

* cpe:/a:mozilla:seamonkey:2.0:rc1

* cpe:/a:mozilla:seamonkey:2.0:beta_2

* cpe:/a:mozilla:seamonkey:2.0:beta_1

* cpe:/a:mozilla:seamonkey:2.0:alpha_3

* cpe:/a:mozilla:seamonkey:2.0:alpha_2

* cpe:/a:mozilla:seamonkey:2.0:alpha_1

* cpe:/a:mozilla:seamonkey:1.1.19

* cpe:/a:mozilla:seamonkey:1.1.18

* cpe:/a:mozilla:seamonkey:1.1.17

* cpe:/a:mozilla:seamonkey:1.1.16

* cpe:/a:mozilla:seamonkey:1.1.15

* cpe:/a:mozilla:seamonkey:1.1.14

* cpe:/a:mozilla:seamonkey:1.1.13

* cpe:/a:mozilla:seamonkey:1.1.12

* cpe:/a:mozilla:seamonkey:1.1.11

* cpe:/a:mozilla:seamonkey:1.1.10

* cpe:/a:mozilla:seamonkey:1.1.9

* cpe:/a:mozilla:seamonkey:1.1.8

* cpe:/a:mozilla:seamonkey:1.1.7

* cpe:/a:mozilla:seamonkey:1.1.6

* cpe:/a:mozilla:seamonkey:1.1.5

* cpe:/a:mozilla:seamonkey:1.1.4

* cpe:/a:mozilla:seamonkey:1.1.3

* cpe:/a:mozilla:seamonkey:1.1.2

* cpe:/a:mozilla:seamonkey:1.1.1

* cpe:/a:mozilla:seamonkey:1.1

* cpe:/a:mozilla:seamonkey:1.1:beta

* cpe:/a:mozilla:seamonkey:1.1:alpha

* cpe:/a:mozilla:seamonkey:1.0.9

* cpe:/a:mozilla:seamonkey:1.0.8

* cpe:/a:mozilla:seamonkey:1.0.7

* cpe:/a:mozilla:seamonkey:1.0.6

* cpe:/a:mozilla:seamonkey:1.0.5

* cpe:/a:mozilla:seamonkey:1.0.4

* cpe:/a:mozilla:seamonkey:1.0.3

* cpe:/a:mozilla:seamonkey:1.0.2

* cpe:/a:mozilla:seamonkey:1.0.1

* cpe:/a:mozilla:seamonkey:1.0

* cpe:/a:mozilla:seamonkey:1.0:beta

* cpe:/a:mozilla:seamonkey:1.0:alpha

Configuration 3

* cpe:/a:mozilla:firefox:3.6.2

* cpe:/a:mozilla:firefox:3.6.3

* cpe:/a:mozilla:firefox:3.6

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Resource Management Errors (CWE-399)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1198