CVE-2010-2754

Published: Jul 30, 2010Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler.

Affected (72)

Products: Mozilla: Firefox, Thunderbird, Seamonkey

3 products

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Version 3.5.10
Mozilla Firefox	Version 3.5.1
Mozilla Firefox	Version 3.5.2
Mozilla Firefox	Version 3.5.3
Mozilla Firefox	Version 3.5.4
Mozilla Firefox	Version 3.5.5
Mozilla Firefox	Version 3.5.6
Mozilla Firefox	Version 3.5.7
Mozilla Firefox	Version 3.5.9
Mozilla Firefox	Version 3.6.1
Mozilla Firefox	Version 3.6.2
Mozilla Firefox	Version 3.6.3
Mozilla Firefox	Version 3.6.4
Mozilla Firefox	Version 3.6.6

Configuration B

7 vulnerable

Vulnerable Software	Affected Versions
Mozilla Thunderbird	Version 3.0.1
Mozilla Thunderbird	Version 3.0.2
Mozilla Thunderbird	Version 3.0.3
Mozilla Thunderbird	Version 3.0.4
Mozilla Thunderbird	Version 3.0.5
Mozilla Thunderbird	Version 3.0
Mozilla Thunderbird	Version 3.1

Configuration C

51 vulnerable

Vulnerable Software	Affected Versions
Mozilla Seamonkey	Up to 2.0.5
Mozilla Seamonkey	Version 1.0.1
Mozilla Seamonkey	Version 1.0.2
Mozilla Seamonkey	Version 1.0.3
Mozilla Seamonkey	Version 1.0.4
Mozilla Seamonkey	Version 1.0.5
Mozilla Seamonkey	Version 1.0.6
Mozilla Seamonkey	Version 1.0.7
Mozilla Seamonkey	Version 1.0.8
Mozilla Seamonkey	Version 1.0.9
Mozilla Seamonkey	Version 1.0
Mozilla Seamonkey	Version 1.0 alpha
Mozilla Seamonkey	Version 1.0 beta
Mozilla Seamonkey	Version 1.1.10
Mozilla Seamonkey	Version 1.1.11
Mozilla Seamonkey	Version 1.1.12
Mozilla Seamonkey	Version 1.1.13
Mozilla Seamonkey	Version 1.1.14
Mozilla Seamonkey	Version 1.1.15
Mozilla Seamonkey	Version 1.1.16
Mozilla Seamonkey	Version 1.1.17
Mozilla Seamonkey	Version 1.1.18
Mozilla Seamonkey	Version 1.1.19
Mozilla Seamonkey	Version 1.1.1
Mozilla Seamonkey	Version 1.1.2
Mozilla Seamonkey	Version 1.1.3
Mozilla Seamonkey	Version 1.1.4
Mozilla Seamonkey	Version 1.1.5
Mozilla Seamonkey	Version 1.1.6
Mozilla Seamonkey	Version 1.1.7
Mozilla Seamonkey	Version 1.1.8
Mozilla Seamonkey	Version 1.1.9
Mozilla Seamonkey	Version 1.1
Mozilla Seamonkey	Version 1.1 alpha
Mozilla Seamonkey	Version 1.1 beta
Mozilla Seamonkey	Version 1.5.0.10
Mozilla Seamonkey	Version 1.5.0.8
Mozilla Seamonkey	Version 1.5.0.9
Mozilla Seamonkey	Version 2.0.1
Mozilla Seamonkey	Version 2.0.2
Mozilla Seamonkey	Version 2.0.3
Mozilla Seamonkey	Version 2.0.4
Mozilla Seamonkey	Version 2.0
Mozilla Seamonkey	Version 2.0 alpha_1
Mozilla Seamonkey	Version 2.0 alpha_2
Mozilla Seamonkey	Version 2.0 alpha_3
Mozilla Seamonkey	Version 2.0 beta_1
Mozilla Seamonkey	Version 2.0 beta_2
Mozilla Seamonkey	Version 2.0 rc1
Mozilla Seamonkey	Version 2.0 rc2
Mozilla Seamonkey	Version 2.0a1pre