CVE-2010-0167
Published 2010-03-25
Priority P347 · critical · 9.3 (CVSS 2.0)
AV:N/AC:M/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 10.51% (95.2th percentile)
The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors related to (1) layout/generic/nsBlockFrame.cpp and (2) the _evaluate function in modules/plugin/base/src/nsNPAPIPlugin.cpp.
Affected
74 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | seamonkey | <= 2.0.2 | — |
| mozilla | seamonkey | — | — |
| mozilla | seamonkey | — | — |
| mozilla | seamonkey | — | — |
| mozilla | seamonkey | — | — |
| mozilla | seamonkey | — | — |
CVSS provenance
nvd: v2.0, 9.3 CRITICAL, AV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat: 9.3 CRITICAL
Red Hat
firefox/thunderbird/seamonkey: crashes with evidence of memory corruption (MFSA 2010-11)
vendor_redhat · 2010-03-23 · CVSS 9.3
CVE-2010-0167 [CRITICAL] firefox/thunderbird/seamonkey: crashes with evidence of memory corruption (MFSA 2010-11)
GHSA
GHSA-pfj8-2727-hwr9: The browser engine in Mozilla Firefox 3
ghsa_unreviewed · 2022-05-02
CVE-2010-0167 [HIGH] CWE-119 GHSA-pfj8-2727-hwr9: The browser engine in Mozilla Firefox 3
No detection rules found.
Exploit-DB
RealVNC 3.3.7 - Client Buffer Overflow (Metasploit)
exploitdb · 2010-04-30
CVE-2001-0167 RealVNC 3.3.7 - Client Buffer Overflow (Metasploit)
---
```ruby
##
# $Id: realvnc_client.rb 9179 2010-04-30 08:40:19Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
class Metasploit3 'RealVNC 3.3.7 Client Buffer Overflow',
  'Description' => %q{
    This module exploits a buffer overflow in RealVNC 3.3.7 (vncviewer.exe).
  },
  'Author' => 'MC',
  'License' => MSF_LICENSE,
  'Version' => '$Revision: 9179 $',
  'References' =>
    [
      [ 'CVE', '2001-0167' ],
      [ 'OSVDB', '6281' ],
      [ 'BID', '2305' ],
    ],
  'DefaultOptions' =>
    {
      'EXITFUNC' => 'thread',
    },
  'Payload' =>
    {
      'Space' => 500,
      'BadChars' => "\x00\x
```
Exploit-DB
Mozilla Firefox/Thunderbird/SeaMonkey - Multiple Memory Corruption Vulnerabilities
exploitdb · 2010-03-24
CVE-2010-0167 Mozilla Firefox/Thunderbird/SeaMonkey - Multiple Memory Corruption Vulnerabilities
---
source: https://www.securityfocus.com/bid/38944/info
Mozilla Firefox, Thunderbird and SeaMonkey are prone to multiple remote memory-corruption vulnerabilities.
Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.
NOTE: These issues were previously covered in BID 38918 (Mozilla Firefox Thunderbird and Seamonkey MFSA 2010-09 through -15 Multiple Vulnerabilities) but have been assigned their own record to better document them.
http://www.mandriva.com/security/advisories?name=MDVSA-2010:070
http://www.mozilla.org/security/announce/2010/mfsa2010-11.html
http://www.securityfocus.com/bid/38918
http://www.securityfocus.com/bid/38944
http://www.vupen.com/english/advisories/2010/0692
https://bugzilla.mozilla.org/show_bug.cgi?id=534082
https://bugzilla.mozilla.org/show_bug.cgi?id=535641
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8610
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9835