Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:24687
HistorySep 10, 2010 - 12:00 a.m.

Mozilla Foundation Security Advisory 2010-53

2010-09-1000:00:00
vulners.com
24
JSON

Mozilla Foundation Security Advisory 2010-53

Title: Heap buffer overflow in nsTextFrameUtils::TransformText
Impact: Critical
Announced: September 7, 2010
Reporter: wushi
Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 3.6.9
Firefox 3.5.12
Thunderbird 3.1.3
Thunderbird 3.0.7
SeaMonkey 2.0.7
Description

Security researcher wushi of team509 reported a heap buffer overflow in code routines responsible for transforming text runs. A page could be constructed with a bidirectional text run which upon reflow could result in an incorrect length being calculated for the run of text. When this value is subsequently used to allocate memory for the text too small a buffer may be created potentially resulting in a buffer overflow and the execution of attacker controlled memory.
References

* https://bugzilla.mozilla.org/show_bug.cgi?id=579655
* CVE-2010-3166

Related

ubuntucve 1
veracode 1
mozilla 1
prion 1
cve 1
openvas 41
nessus 47
fedora 7
ubuntu 4
centos 1
redhat 1
oraclelinux 1
debian 2
freebsd 1
suse 3
securityvulns 1
gentoo 1
ubuntucve
ubuntucve
CVE-2010-3166
2010-09-07 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:48:16
mozilla
mozilla
Heap buffer overflow in nsTextFrameUtils::TransformText — Mozilla
2010-09-07 00:00:00
prion
prion
Heap overflow
2010-09-09 19:00:00
cve
cve
CVE-2010-3166
2010-09-09 19:00:00
openvas
openvas
Mozilla Products Multiple Vulnerabilities sep-10 (Windows)
2010-09-10 00:00:00
Mozilla Products Multiple Vulnerabilities sep-10 (Windows)
2010-09-10 00:00:00
Ubuntu Update for thunderbird vulnerabilities USN-978-1
2010-09-10 00:00:00
nessus
nessus
Ubuntu 10.04 LTS : thunderbird regression (USN-978-2)
2010-09-17 00:00:00
Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : firefox, firefox-3.0, firefox-3.5, xulrunner-1.9.1, xulrunner-1.9.2 regression (USN-975-2)
2010-09-17 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: galeon-2.0.7-25.fc12
2010-09-09 01:23:44
[SECURITY] Fedora 12 Update: perl-Gtk2-MozEmbed-0.08-6.fc12.15
2010-09-09 01:23:44
[SECURITY] Fedora 12 Update: mozvoikko-1.0-12.fc12
2010-09-09 01:23:44
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2010-09-08 00:00:00
Thunderbird regression
2010-09-16 00:00:00
Firefox and Xulrunner regression
2010-09-16 00:00:00
centos
centos
firefox, nspr, nss, xulrunner security update
2010-09-08 22:50:48
redhat
redhat
(RHSA-2010:0681) Critical: firefox security update
2010-09-07 00:00:00
oraclelinux
oraclelinux
firefox security update
2010-09-08 00:00:00
debian
debian
BSA-002 Security Update for iceweasel
2010-09-29 06:47:13
BSA-002 Security Update for iceweasel
2010-09-29 06:47:29
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-09-07 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2010-10-12 16:13:47
remote code execution in MozillaFirefox,seamonkey,MozillaThunderbird
2010-11-08 11:27:17
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / SeaMonkey multiple security vulnerabilities
2010-09-16 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
JSON
Related for SECURITYVULNS:DOC:24687
ubuntucve1veracode1mozilla1prion1cve1openvas41nessus47fedora7ubuntu4centos1redhat1oraclelinux1debian2freebsd1suse3securityvulns1gentoo1