CVE-2010-2753: Integer Overflow or Wraparound in Mozilla Firefox

Severity
9.3 CRITICAL NVD
NVD 8.8 CNA 8.8
EPSS
4.1%
top 11.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Jul 30
Latest update: May 17

Description

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages (7 packages)

NVD mozilla/firefox 3.5 3.5.11 +89
NVD mozilla/seamonkey < 2.0.6 +41
NVD mozilla/thunderbird 3.0 3.0.6 +68
NVD opensuse/opensuse 11.1, 11.2, 11.3 +2

🔴 Vulnerability Details (4)

GHSA
GHSA-m5jc-6mwc-7vc7: Integer overflow in Mozilla Firefox 3 (2022-05-17)
GHSA
GHSA-vfwv-gjcf-p528: Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3 (2022-05-17)
CVEList
CVE-2010-2760: Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3 (2010-09-09)
CVEList
CVE-2010-2753: Integer overflow in Mozilla Firefox 3 (2010-07-30)

🔍 Detection Rules (1)

Suricata
ET WEB_CLIENT Mozilla Firefox nsTreeSelection Element invalidateSelection Remote Code Execution Attempt (2011-06-30)

📋 Vendor Advisories (8)

Red Hat
SquirrelMail: CSRF in the empty trash feature and in Index Order page (2011-07-12)
Red Hat
Mozilla Dangling pointer vulnerability in nsTreeSelection (MFSA 2010-54) (2010-09-07)
Ubuntu
Thunderbird vulnerabilities (2010-07-26)
Ubuntu
Firefox and Xulrunner vulnerability (2010-07-26)
Ubuntu
Firefox and Xulrunner vulnerabilities (2010-07-23)

📐 Framework References (2)

CWE
Use After Free
CWE
Integer Overflow or Wraparound

💬 Community (4)

Bugzilla
CVE-2011-2753 SquirrelMail: CSRF in the empty trash feature and in Index Order page (2011-07-18)
Bugzilla
CVE-2010-4555 SquirrelMail: Multiple XSS flaws (2011-07-12)
Bugzilla
CVE-2010-2760 Mozilla Dangling pointer vulnerability in nsTreeSelection (MFSA 2010-54) (2010-09-03)
Bugzilla
CVE-2010-2753 Mozilla nsTreeSelection dangling pointer remote code execution vulnerability (2010-07-16)
CVE-2010-2753 — Integer Overflow or Wraparound | cvebase