← Back

CVE-2010-2753

nvd nist
Published: Jul 30, 2010Modified: Apr 29, 2026

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free.

Affected (14)

Mozilla
3 products
Firefox
Seamonkey
Thunderbird
Opensuse
1 product
Opensuse
Suse
3 products
Linux Enterprise Desktop
Linux Enterprise Server
Linux Enterprise Software Development Kit
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Mozilla
Firefox
From 3.5 to 3.5.11
Firefox
From 3.6 to 3.6.7
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Seamonkey
Before 2.0.6
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Mozilla
Thunderbird
From 3.0 to 3.0.6
Thunderbird
Version 3.1
Configuration D
9 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Opensuse
Version 11.1
Opensuse
Version 11.2
Opensuse
Version 11.3
Suse
Linux Enterprise Desktop
Version 11
Linux Enterprise Desktop
Version 11 sp1
Suse
Linux Enterprise Server
Version 11
Linux Enterprise Server
Version 11 sp1
Suse
Linux Enterprise Software Development Kit
Version 11
Linux Enterprise Software Development Kit
Version 11 sp1

Related CWEs

CWE-190
Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
CWE-416
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (14)

Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Broken LinkThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Broken LinkThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
ExploitIssue Tracking
Source: cve@mitre.org
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue Tracking
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.