Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2010-ALE-017
Vulnerability from certfr_alerte
Un correctif a été publié concernant une vulnérabilité, non détaillée, permettant à une personne malintentionnée distante d'exécuter du code arbitraire dans Mozilla Firefox.
Description
Une vulnérabilité non communiquée affecte le navigateur Mozilla Firefox. Elle permet à une personne malintentionnée d'exécuter du code arbitraire à distance au moyen d'une page Web spécifiquement réalisée.
Contournement provisoire
Ces contournements ne sont plus d'actualité, un correctif étant disponible.
Mozilla recommande la désactivation du JavaScript dans son navigateur, ou son utilisation au cas par cas, en fonction des sites et des besoins. Ce paramètrage peut être fait au moyen d'extensions supplémentaires.
Cependant l'indispensabilité du JavaScript n'étant pas démontrée, le CERTA recommande la plus grande prudence, même en appliquant ce contournement. Il est donc conseillé d'utiliser un navigateur alternatif en attendant la publication d'un correctif.
Solution
Se référer au bulletin de sécurité Mozilla mfsa2010-73 pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Mozilla Firefox 3.6.11 et ant\u00e9rieures.",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Mozilla Firefox 3.5.14 et ant\u00e9rieures ;",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"closed_at": "2010-10-28",
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 non communiqu\u00e9e affecte le navigateur Mozilla Firefox.\nElle permet \u00e0 une personne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire\n\u00e0 distance au moyen d\u0027une page Web sp\u00e9cifiquement r\u00e9alis\u00e9e.\n\n## Contournement provisoire\n\nCes contournements ne sont plus d\u0027actualit\u00e9, un correctif \u00e9tant\ndisponible.\n\nMozilla recommande la d\u00e9sactivation du JavaScript dans son navigateur,\nou son utilisation au cas par cas, en fonction des sites et des besoins.\nCe param\u00e8trage peut \u00eatre fait au moyen d\u0027extensions suppl\u00e9mentaires.\n\nCependant l\u0027indispensabilit\u00e9 du JavaScript n\u0027\u00e9tant pas d\u00e9montr\u00e9e, le\nCERTA recommande la plus grande prudence, m\u00eame en appliquant ce\ncontournement. Il est donc conseill\u00e9 d\u0027utiliser un navigateur alternatif\nen attendant la publication d\u0027un correctif.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Mozilla mfsa2010-73 pour l\u0027obtention\ndes correctifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3765"
}
],
"initial_release_date": "2010-10-27T00:00:00",
"last_revision_date": "2010-10-28T00:00:00",
"links": [
{
"title": "Avis CERTA-2010-AVI-521",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2010-AVI-521/index.html"
},
{
"title": "Annonce de s\u00e9curit\u00e9 de la fondation Mozilla \u00abcritical-vulnerability-in-firefox-3-5-and-firefox-3-6\u00bb du 26 octobre 2010 :",
"url": "http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA 2010-73 du 27 octobre 2010 :",
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-73.html"
}
],
"reference": "CERTA-2010-ALE-017",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-10-27T00:00:00.000000"
},
{
"description": "ajout du correctif Mozilla.",
"revision_date": "2010-10-28T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Un correctif a \u00e9t\u00e9 publi\u00e9 concernant une vuln\u00e9rabilit\u00e9, non d\u00e9taill\u00e9e,\npermettant \u00e0 une personne malintentionn\u00e9e distante d\u0027ex\u00e9cuter du code\narbitraire dans Mozilla Firefox.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Mozilla Firefox",
"vendor_advisories": [
{
"published_at": null,
"title": "Annonce de s\u00e9curit\u00e9 Mozilla du 26 octobre 2010",
"url": null
}
]
}
CVE-2010-3765 (GCVE-0-2010-3765)
Vulnerability from cvelistv5
Published
2010-10-27 22:00
Modified
2025-10-22 00:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:53.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44425",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44425"
},
{
"name": "RHSA-2010:0812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0812.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53"
},
{
"name": "ADV-2010-2837",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2837"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=646997"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/css/P8/documents/100114335"
},
{
"name": "41965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41965"
},
{
"name": "41975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41975"
},
{
"name": "RHSA-2010:0896",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0896.html"
},
{
"name": "RHSA-2010:0808",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0808.html"
},
{
"name": "15341",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15341"
},
{
"name": "1024651",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024651"
},
{
"name": "41761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41761"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=607222"
},
{
"name": "FEDORA-2010-17105",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed\u0026utm_medium=twitter"
},
{
"name": "41969",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41969"
},
{
"name": "USN-1011-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1011-3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.norman.com/about_norman/press_center/news_archive/2010/129223/"
},
{
"name": "USN-1011-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-1011-1"
},
{
"name": "1024650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024650"
},
{
"name": "USN-1011-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1011-2"
},
{
"name": "RHSA-2010:0809",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0809.html"
},
{
"name": "MDVSA-2010:219",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:219"
},
{
"name": "42867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42867"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/"
},
{
"name": "ADV-2010-2857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2857"
},
{
"name": "ADV-2011-0061",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0061"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/css/P8/documents/100114329"
},
{
"name": "DSA-2124",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2124"
},
{
"name": "1024645",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024645"
},
{
"name": "42043",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42043"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.norman.com/security_center/virus_description_archive/129146/"
},
{
"name": "41966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41966"
},
{
"name": "MDVSA-2010:213",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:213"
},
{
"name": "42008",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42008"
},
{
"name": "FEDORA-2010-16883",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.html"
},
{
"name": "SSA:2010-305-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.556706"
},
{
"name": "ADV-2010-2871",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2871"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://isc.sans.edu/diary.html?storyid=9817"
},
{
"name": "RHSA-2010:0810",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0810.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-73.html"
},
{
"name": "15352",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15352"
},
{
"name": "oval:org.mitre.oval:def:12108",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12108"
},
{
"name": "42003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42003"
},
{
"name": "FEDORA-2010-16897",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html"
},
{
"name": "RHSA-2010:0861",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0861.html"
},
{
"name": "FEDORA-2010-16885",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html"
},
{
"name": "15342",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15342"
},
{
"name": "ADV-2010-2864",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2864"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2010-3765",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-04T03:55:28.039016Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-10-06",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-3765"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T00:05:51.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-3765"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-06T00:00:00+00:00",
"value": "CVE-2010-3765 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "44425",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44425"
},
{
"name": "RHSA-2010:0812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0812.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53"
},
{
"name": "ADV-2010-2837",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2837"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=646997"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/css/P8/documents/100114335"
},
{
"name": "41965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41965"
},
{
"name": "41975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41975"
},
{
"name": "RHSA-2010:0896",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0896.html"
},
{
"name": "RHSA-2010:0808",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0808.html"
},
{
"name": "15341",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15341"
},
{
"name": "1024651",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024651"
},
{
"name": "41761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41761"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=607222"
},
{
"name": "FEDORA-2010-17105",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed\u0026utm_medium=twitter"
},
{
"name": "41969",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41969"
},
{
"name": "USN-1011-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1011-3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.norman.com/about_norman/press_center/news_archive/2010/129223/"
},
{
"name": "USN-1011-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-1011-1"
},
{
"name": "1024650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024650"
},
{
"name": "USN-1011-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1011-2"
},
{
"name": "RHSA-2010:0809",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0809.html"
},
{
"name": "MDVSA-2010:219",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:219"
},
{
"name": "42867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42867"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/"
},
{
"name": "ADV-2010-2857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2857"
},
{
"name": "ADV-2011-0061",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0061"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/css/P8/documents/100114329"
},
{
"name": "DSA-2124",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2124"
},
{
"name": "1024645",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024645"
},
{
"name": "42043",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42043"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.norman.com/security_center/virus_description_archive/129146/"
},
{
"name": "41966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41966"
},
{
"name": "MDVSA-2010:213",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:213"
},
{
"name": "42008",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42008"
},
{
"name": "FEDORA-2010-16883",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.html"
},
{
"name": "SSA:2010-305-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.556706"
},
{
"name": "ADV-2010-2871",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2871"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://isc.sans.edu/diary.html?storyid=9817"
},
{
"name": "RHSA-2010:0810",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0810.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-73.html"
},
{
"name": "15352",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15352"
},
{
"name": "oval:org.mitre.oval:def:12108",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12108"
},
{
"name": "42003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42003"
},
{
"name": "FEDORA-2010-16897",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html"
},
{
"name": "RHSA-2010:0861",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0861.html"
},
{
"name": "FEDORA-2010-16885",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html"
},
{
"name": "15342",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15342"
},
{
"name": "ADV-2010-2864",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2864"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3765",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44425",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44425"
},
{
"name": "RHSA-2010:0812",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0812.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53"
},
{
"name": "ADV-2010-2837",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2837"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=646997",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=646997"
},
{
"name": "http://support.avaya.com/css/P8/documents/100114335",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100114335"
},
{
"name": "41965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41965"
},
{
"name": "41975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41975"
},
{
"name": "RHSA-2010:0896",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0896.html"
},
{
"name": "RHSA-2010:0808",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0808.html"
},
{
"name": "15341",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15341"
},
{
"name": "1024651",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024651"
},
{
"name": "41761",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41761"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=607222",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=607222"
},
{
"name": "FEDORA-2010-17105",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html"
},
{
"name": "http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed\u0026utm_medium=twitter",
"refsource": "MISC",
"url": "http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed\u0026utm_medium=twitter"
},
{
"name": "41969",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41969"
},
{
"name": "USN-1011-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1011-3"
},
{
"name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox",
"refsource": "CONFIRM",
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
},
{
"name": "http://www.norman.com/about_norman/press_center/news_archive/2010/129223/",
"refsource": "MISC",
"url": "http://www.norman.com/about_norman/press_center/news_archive/2010/129223/"
},
{
"name": "USN-1011-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-1011-1"
},
{
"name": "1024650",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024650"
},
{
"name": "USN-1011-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1011-2"
},
{
"name": "RHSA-2010:0809",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0809.html"
},
{
"name": "MDVSA-2010:219",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:219"
},
{
"name": "42867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42867"
},
{
"name": "http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/",
"refsource": "CONFIRM",
"url": "http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/"
},
{
"name": "ADV-2010-2857",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2857"
},
{
"name": "ADV-2011-0061",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0061"
},
{
"name": "http://support.avaya.com/css/P8/documents/100114329",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100114329"
},
{
"name": "DSA-2124",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2124"
},
{
"name": "1024645",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024645"
},
{
"name": "42043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42043"
},
{
"name": "http://www.norman.com/security_center/virus_description_archive/129146/",
"refsource": "MISC",
"url": "http://www.norman.com/security_center/virus_description_archive/129146/"
},
{
"name": "41966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41966"
},
{
"name": "MDVSA-2010:213",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:213"
},
{
"name": "42008",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42008"
},
{
"name": "FEDORA-2010-16883",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.html"
},
{
"name": "SSA:2010-305-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.556706"
},
{
"name": "ADV-2010-2871",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2871"
},
{
"name": "http://isc.sans.edu/diary.html?storyid=9817",
"refsource": "MISC",
"url": "http://isc.sans.edu/diary.html?storyid=9817"
},
{
"name": "RHSA-2010:0810",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0810.html"
},
{
"name": "http://www.mozilla.org/security/announce/2010/mfsa2010-73.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-73.html"
},
{
"name": "15352",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15352"
},
{
"name": "oval:org.mitre.oval:def:12108",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12108"
},
{
"name": "42003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42003"
},
{
"name": "FEDORA-2010-16897",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html"
},
{
"name": "RHSA-2010:0861",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0861.html"
},
{
"name": "FEDORA-2010-16885",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html"
},
{
"name": "15342",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15342"
},
{
"name": "ADV-2010-2864",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2864"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3765",
"datePublished": "2010-10-27T22:00:00.000Z",
"dateReserved": "2010-10-05T00:00:00.000Z",
"dateUpdated": "2025-10-22T00:05:51.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…