Gravità: : Critico
  Identificatori CVE: CVE-2010-3343,CVE-2010-3765
  Data notifica: 21 luglio 2015

  Descrizione

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.

  Informazioni esposizione:

Apply associated Trend Micro DPI Rules.

  Soluzioni

  Trend Micro Deep Security DPI Rule Number: 1004493
  Trend Micro Deep Security DPI Rule Name: 1004493 - Mozilla Firefox Remote Heap Buffer Overflow Vulnerability

  Software e versione interessati:

  • Microsoft Internet Explorer
  • mozilla firefox 3.5
  • mozilla firefox 3.5.1
  • mozilla firefox 3.5.10
  • mozilla firefox 3.5.11
  • mozilla firefox 3.5.12
  • mozilla firefox 3.5.13
  • mozilla firefox 3.5.14
  • mozilla firefox 3.5.2
  • mozilla firefox 3.5.3
  • mozilla firefox 3.5.4
  • mozilla firefox 3.5.5
  • mozilla firefox 3.5.6
  • mozilla firefox 3.5.7
  • mozilla firefox 3.5.8
  • mozilla firefox 3.5.9
  • mozilla firefox 3.6
  • mozilla firefox 3.6.10
  • mozilla firefox 3.6.11
  • mozilla firefox 3.6.2
  • mozilla firefox 3.6.3
  • mozilla firefox 3.6.4
  • mozilla firefox 3.6.6
  • mozilla firefox 3.6.7
  • mozilla firefox 3.6.8
  • mozilla firefox 3.6.9
  • mozilla seamonkey 2.0
  • mozilla seamonkey 2.0.1
  • mozilla seamonkey 2.0.2
  • mozilla seamonkey 2.0.3
  • mozilla seamonkey 2.0.4
  • mozilla seamonkey 2.0.5
  • mozilla seamonkey 2.0.6
  • mozilla seamonkey 2.0.7
  • mozilla seamonkey 2.0.8
  • mozilla seamonkey 2.0.9
  • mozilla thunderbird 3.0.1
  • mozilla thunderbird 3.0.2
  • mozilla thunderbird 3.0.3
  • mozilla thunderbird 3.0.4
  • mozilla thunderbird 3.0.5
  • mozilla thunderbird 3.0.6
  • mozilla thunderbird 3.0.7
  • mozilla thunderbird 3.0.8
  • mozilla thunderbird 3.0.9
  • mozilla thunderbird 3.1.1
  • mozilla thunderbird 3.1.2
  • mozilla thunderbird 3.1.3
  • mozilla thunderbird 3.1.4
  • mozilla thunderbird 3.1.5

Minacce informatiche correlate