cve/CVE-2010-3765.md at 48a00929accbe24477052d164512463a2824377a

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.

POC

Reference

http://www.exploit-db.com/exploits/15342
http://www.ubuntu.com/usn/USN-1011-2
https://bugzilla.mozilla.org/show_bug.cgi?id=607222
https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53

Github

No PoCs found on GitHub currently.

1.1 KiB Raw Blame History

CVE-2010-3765

Description

POC

Reference

Github

1.1 KiB

Raw Blame History