ID |
CVE-2010-1988
|
Summary |
Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than CVE-2009-1571. Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference' |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 10.0 (as of 10-10-2018 - 19:58) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
oval
via4
|
accepted | 2014-10-06T04:00:30.524-04:00 | class | vulnerability | contributors | name | Preeti Subramanian | organization | SecPod Technologies |
name | Preeti Subramanian | organization | SecPod Technologies |
name | Sergey Artykhov | organization | ALTX-SOFT |
name | Sergey Artykhov | organization | ALTX-SOFT |
name | Maria Kedovskaya | organization | ALTX-SOFT |
name | Maria Mikhno | organization | ALTX-SOFT |
name | Evgeniy Pavlov | organization | ALTX-SOFT |
name | Evgeniy Pavlov | organization | ALTX-SOFT |
name | Evgeniy Pavlov | organization | ALTX-SOFT |
| definition_extensions | comment | Mozilla Firefox Mainline release is installed | oval | oval:org.mitre.oval:def:22259 |
| description | Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than CVE-2009-1571. | family | windows | id | oval:org.mitre.oval:def:12050 | status | accepted | submitted | 2010-08-20T16:05:03 | title | Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than CVE-2009-1571. | version | 31 |
|
refmap
via4
|
|
Last major update |
10-10-2018 - 19:58 |
Published |
20-05-2010 - 17:30 |
Last modified |
10-10-2018 - 19:58 |