CVE-2010-1198 — Mozilla Seamonkey vulnerability

CWE-39911 documents6 sources

Severity

9.3CRITICALNVD

EPSS

5.3%

top 9.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Seamonkey Mozilla Firefox

Timeline

PublishedJun 24

Latest updateMay 2

Description

Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDmozilla/seamonkey2.0.4+34

▶NVDmozilla/firefox12 versions+11

🔴Vulnerability Details

GHSA

GHSA-rx9r-2whj-rpjv: Use-after-free vulnerability in Mozilla Firefox 3↗2022-05-02

▶

CVEList

CVE-2010-1198: Use-after-free vulnerability in Mozilla Firefox 3↗2010-06-23

▶

📋Vendor Advisories

Ubuntu

Firefox and Xulrunner vulnerability↗2010-07-26

▶

Ubuntu

Firefox and Xulrunner vulnerabilities↗2010-07-23

▶

Ubuntu

ant, apturl, Epiphany, gluezilla, gnome-python-extras, liferea, mozvoikko, OpenJDK, packagekit, ubufox, webfav, yelp update↗2010-07-23

▶

Ubuntu

Firefox regression↗2010-06-30

▶

Ubuntu

Firefox and Xulrunner vulnerabilities↗2010-06-29

▶

💬Community

Bugzilla

CVE-2010-1198 Mozilla Freed object reuse across plugin instances↗2010-05-10

▶