RHSA-2010:0896

Executive Summary

Summary
Title	thunderbird security update

Informations
Name	RHSA-2010:0896	First vendor Publication	2010-11-17
Vendor	RedHat	Last vendor Modification	2010-11-17
Severity (Vendor)	Moderate	Revision	01

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An updated thunderbird package that fixes several security issues is now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

A race condition flaw was found in the way Thunderbird handled Document
Object Model (DOM) element properties. An HTML mail message containing
malicious content could cause Thunderbird to crash or, potentially, execute
arbitrary code with the privileges of the user running Thunderbird.
(CVE-2010-3765)

Several flaws were found in the processing of malformed HTML mail content.
An HTML mail message containing malicious content could cause Thunderbird
to crash or, potentially, execute arbitrary code with the privileges of the
user running Thunderbird. (CVE-2010-3175, CVE-2010-3176, CVE-2010-3179,
CVE-2010-3180, CVE-2010-3183)

A same-origin policy bypass flaw was found in Thunderbird. Remote HTML
content could steal private data from different remote HTML content
Thunderbird had loaded. (CVE-2010-3178)

Note: JavaScript support is disabled by default in Thunderbird. The above
issues are not exploitable unless JavaScript is enabled.

A flaw was found in the script that launches Thunderbird. The
LD_LIBRARY_PATH variable was appending a "." character, which could allow a
local attacker to execute arbitrary code with the privileges of a different
user running Thunderbird, if that user ran Thunderbird from within an
attacker-controlled directory. (CVE-2010-3182)

All Thunderbird users should upgrade to this updated package, which
resolves these issues. All running instances of Thunderbird must be
restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

642272 - CVE-2010-3176 Mozilla miscellaneous memory safety hazards
642275 - CVE-2010-3175 Mozilla miscellaneous memory safety hazards
642277 - CVE-2010-3179 Mozilla buffer overflow and memory corruption using document.write
642283 - CVE-2010-3180 Mozilla use-after-free error in nsBarProp
642286 - CVE-2010-3183 Mozilla dangling pointer vulnerability in LookupGetterOrSetter
642294 - CVE-2010-3178 Mozilla cross-site information disclosure via modal calls
642300 - CVE-2010-3182 Mozilla unsafe library loading flaw
646997 - CVE-2010-3765 Firefox race condition flaw (MFSA 2010-73)

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2010-0896.html

CWE : Common Weakness Enumeration

id	Name
CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-399	Resource Management Errors
CWE-264	Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11943

Oval ID:	oval:org.mitre.oval:def:11943
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3175	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Mozilla Firefox Mozilla Thunderbird
Definition Synopsis:
Mozilla Firefox and version 3.6.x before 3.6.11 Mozilla Firefox is installed AND Check if the version of Mozilla Firefox is 3.6.x before 3.6.11 OR Mozilla Thunderbird and version 3.1.x before 3.1.5 Mozilla Thunderbird is installed AND Check if the version of Mozilla Thunderbird is 3.1.x before 3.1.5

Definition Id: oval:org.mitre.oval:def:12132

Oval ID:	oval:org.mitre.oval:def:12132
Title:	Denial of service in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3176	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird
Definition Synopsis:
Mozilla Firefox and version 3.5.x before 3.5.14 or 3.6.x before 3.6.11 Mozilla Firefox is installed AND Mozilla Firefox version 3.5.x before 3.5.14 or 3.6.x before 3.6.11 Check if the version of Mozilla Firefox is 3.5.x before 3.5.14 AND Check if the version of Mozilla Firefox is 3.6.x before 3.6.11 OR Mozilla Thunderbird and version before 3.0.9 and 3.1.x before 3.1.5 Mozilla Thunderbird is installed AND Check if Mozilla Thunderbird version is before 3.0.9 and 3.1.x before 3.1.5 OR Mozilla Seamonkey and version less than 2.0.9 Mozilla Seamonkey is installed AND Check if the version of Mozilla Seamonkey is less than 2.0.9

Definition Id: oval:org.mitre.oval:def:12120

Oval ID:	oval:org.mitre.oval:def:12120
Title:	Vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 via crafted HTML document
Description:	Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3178	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird
Definition Synopsis:
Mozilla Firefox and version before 3.5.14 and 3.6.x before 3.6.11 Mozilla Firefox is installed AND Check if Mozilla Firefox version is before 3.5.14 and 3.6.x before 3.6.11 OR Mozilla Thunderbird and version before 3.0.9 and 3.1.x before 3.1.5 Mozilla Thunderbird is installed AND Check if Mozilla Thunderbird version is before 3.0.9 and 3.1.x before 3.1.5 OR Mozilla Seamonkey and version less than 2.0.9 Mozilla Seamonkey is installed AND Check if the version of Mozilla Seamonkey is less than 2.0.9

Definition Id: oval:org.mitre.oval:def:11675

Oval ID:	oval:org.mitre.oval:def:11675
Title:	Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9
Description:	Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3179	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird
Definition Synopsis:
Mozilla Firefox and version before 3.5.14 and 3.6.x before 3.6.11 Mozilla Firefox is installed AND Check if Mozilla Firefox version is before 3.5.14 and 3.6.x before 3.6.11 OR Mozilla Thunderbird and version before 3.0.9 and 3.1.x before 3.1.5 Mozilla Thunderbird is installed AND Check if Mozilla Thunderbird version is before 3.0.9 and 3.1.x before 3.1.5 OR Mozilla Seamonkey and version less than 2.0.9 Mozilla Seamonkey is installed AND Check if the version of Mozilla Seamonkey is less than 2.0.9

Definition Id: oval:org.mitre.oval:def:12158

Oval ID:	oval:org.mitre.oval:def:12158
Title:	Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9
Description:	Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3180	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird
Definition Synopsis:
Mozilla Firefox and version before 3.5.14 and 3.6.x before 3.6.11 Mozilla Firefox is installed AND Check if Mozilla Firefox version is before 3.5.14 and 3.6.x before 3.6.11 OR Mozilla Thunderbird and version before 3.0.9 and 3.1.x before 3.1.5 Mozilla Thunderbird is installed AND Check if Mozilla Thunderbird version is before 3.0.9 and 3.1.x before 3.1.5 OR Mozilla Seamonkey and version less than 2.0.9 Mozilla Seamonkey is installed AND Check if the version of Mozilla Seamonkey is less than 2.0.9

Definition Id: oval:org.mitre.oval:def:13844

Oval ID:	oval:org.mitre.oval:def:13844
Title:	A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Description:	A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3182	Version:	5
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey
Definition Synopsis:
Determine if the version of Mozilla Firefox is less than or equal to 1.5 and is greater than or equal to 1.0 Mozilla Firefox is installed AND Determine if the version of Mozilla Firefox is less than or equal to 1.5 AND Determine if the version of Mozilla Firefox is greater than or equal to 1.0 OR Determine if the version of Mozilla Thunderbird is less than or equal to 1.5.2 and is greater than or equal to 1.0 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 1.5.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 1.0 OR Determine if the version of Mozilla Firefox is less than or equal to 3.6.10 and is greater than or equal to 3.0 Mozilla Firefox is installed AND Determine if the version of Mozilla Firefox is less than or equal to 3.6.10 AND Determine if the version of Mozilla Firefox is greater than or equal to 3.0 OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 and is greater than or equal to 1.0 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0 OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 and is greater than or equal to 1.0 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0 OR Determine if the version of Mozilla Thunderbird is less than or equal to 0.9 and is greater than or equal to 0.1 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 0.9 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 OR Determine if the version of Mozilla Thunderbird is less than or equal to 2.0.0.23 and is greater than or equal to 2.0.0.0 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 2.0.0.23 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 2.0.0.0 OR Determine if the version of Mozilla Thunderbird is less than or equal to 3.1.4 and is greater than or equal to 3.0 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 3.1.4 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 3.0 OR Determine if the version of Mozilla Firefox is less than or equal to 2.0.0.20 and is greater than or equal to 2.0.0.1 Mozilla Firefox is installed AND Determine if the version of Mozilla Firefox is less than or equal to 2.0.0.20 AND Determine if the version of Mozilla Firefox is greater than or equal to 2.0.0.1 OR Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.8 and is greater than or equal to 2.0.1 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.8 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1 OR Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.8 and is greater than or equal to 2.0.1 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.8 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1

Definition Id: oval:org.mitre.oval:def:11891

Oval ID:	oval:org.mitre.oval:def:11891
Title:	Vulnerability in the LookupGetterOrSetter function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9
Description:	The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3183	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird
Definition Synopsis:
Mozilla Firefox and version before 3.5.14 and 3.6.x before 3.6.11 Mozilla Firefox is installed AND Check if Mozilla Firefox version is before 3.5.14 and 3.6.x before 3.6.11 OR Mozilla Thunderbird and version before 3.0.9 and 3.1.x before 3.1.5 Mozilla Thunderbird is installed AND Check if Mozilla Thunderbird version is before 3.0.9 and 3.1.x before 3.1.5 OR Mozilla Seamonkey and version less than 2.0.9 Mozilla Seamonkey is installed AND Check if the version of Mozilla Seamonkey is less than 2.0.9

Definition Id: oval:org.mitre.oval:def:12108

Oval ID:	oval:org.mitre.oval:def:12108
Title:	Arbitrary code execution vulnerability in Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10
Description:	Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3765	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird
Definition Synopsis:
Mozilla Firefox is installed and the version is 3.5.x before 3.5.15, 3.6.x before 3.6.12 Mozilla Firefox is installed AND Either versions of Mozilla Firefox is installed Check if the version of Mozilla Firefox is 3.5.x before 3.5.15 AND Check if the version of Mozilla Firefox is 3.6.x before 3.6.12 OR Mozilla Thunderbird is installed and version is 3.1.x before 3.1.6, 3.0.x before 3.0.10 Mozilla Thunderbird is installed AND Either versions of Mozilla Thunderbird is installed Check if the version of Mozilla Thunderbird is 3.1.x before 3.1.6 AND Check if the version of Mozilla Thunderbird is 3.0.x before 3.0.10 OR Mozilla Seamonkey is installed and version is 2.x before 2.0.10 Mozilla Seamonkey is installed AND Check if the version of Mozilla Seamonkey is 2.x before 2.0.10

CPE : Common Platform Enumeration

Type	Description	Count
Application	Mozilla Firefox cpe:/a:mozilla:firefox:3.6.9 cpe:/a:mozilla:firefox:3.6.8 cpe:/a:mozilla:firefox:3.6.7 cpe:/a:mozilla:firefox:3.6.6 cpe:/a:mozilla:firefox:3.6.4 cpe:/a:mozilla:firefox:3.6.3 cpe:/a:mozilla:firefox:3.6.2 cpe:/a:mozilla:firefox:3.6.11 cpe:/a:mozilla:firefox:3.6.10 cpe:/a:mozilla:firefox:3.6 cpe:/a:mozilla:firefox:3.5.9 cpe:/a:mozilla:firefox:3.5.8 cpe:/a:mozilla:firefox:3.5.7 cpe:/a:mozilla:firefox:3.5.6 cpe:/a:mozilla:firefox:3.5.5 cpe:/a:mozilla:firefox:3.5.4 cpe:/a:mozilla:firefox:3.5.3 cpe:/a:mozilla:firefox:3.5.2 cpe:/a:mozilla:firefox:3.5.14 cpe:/a:mozilla:firefox:3.5.13 cpe:/a:mozilla:firefox:3.5.12 cpe:/a:mozilla:firefox:3.5.11 cpe:/a:mozilla:firefox:3.5.10 cpe:/a:mozilla:firefox:3.5.1 cpe:/a:mozilla:firefox:3.5 cpe:/a:mozilla:firefox:3.0.9 cpe:/a:mozilla:firefox:3.0.8 cpe:/a:mozilla:firefox:3.0.7 cpe:/a:mozilla:firefox:3.0.6 cpe:/a:mozilla:firefox:3.0.5 cpe:/a:mozilla:firefox:3.0.4 cpe:/a:mozilla:firefox:3.0.3 cpe:/a:mozilla:firefox:3.0.2 cpe:/a:mozilla:firefox:3.0.17 cpe:/a:mozilla:firefox:3.0.16 cpe:/a:mozilla:firefox:3.0.15 cpe:/a:mozilla:firefox:3.0.14 cpe:/a:mozilla:firefox:3.0.13 cpe:/a:mozilla:firefox:3.0.12 cpe:/a:mozilla:firefox:3.0.11 cpe:/a:mozilla:firefox:3.0.10 cpe:/a:mozilla:firefox:3.0.1 cpe:/a:mozilla:firefox:3.0 cpe:/a:mozilla:firefox:2.0.0.9 cpe:/a:mozilla:firefox:2.0.0.8 cpe:/a:mozilla:firefox:2.0.0.7 cpe:/a:mozilla:firefox:2.0.0.6 cpe:/a:mozilla:firefox:2.0.0.5 cpe:/a:mozilla:firefox:2.0.0.4 cpe:/a:mozilla:firefox:2.0.0.3 cpe:/a:mozilla:firefox:2.0.0.20 cpe:/a:mozilla:firefox:2.0.0.2 cpe:/a:mozilla:firefox:2.0.0.19 cpe:/a:mozilla:firefox:2.0.0.18 cpe:/a:mozilla:firefox:2.0.0.17 cpe:/a:mozilla:firefox:2.0.0.16 cpe:/a:mozilla:firefox:2.0.0.15 cpe:/a:mozilla:firefox:2.0.0.14 cpe:/a:mozilla:firefox:2.0.0.13 cpe:/a:mozilla:firefox:2.0.0.12 cpe:/a:mozilla:firefox:2.0.0.11 cpe:/a:mozilla:firefox:2.0.0.10 cpe:/a:mozilla:firefox:2.0.0.1 cpe:/a:mozilla:firefox:2.0 cpe:/a:mozilla:firefox:1.5.8 cpe:/a:mozilla:firefox:1.5.7 cpe:/a:mozilla:firefox:1.5.6 cpe:/a:mozilla:firefox:1.5.5 cpe:/a:mozilla:firefox:1.5.4 cpe:/a:mozilla:firefox:1.5.3 cpe:/a:mozilla:firefox:1.5.2 cpe:/a:mozilla:firefox:1.5.1 cpe:/a:mozilla:firefox:1.5.0.9 cpe:/a:mozilla:firefox:1.5.0.8 cpe:/a:mozilla:firefox:1.5.0.7 cpe:/a:mozilla:firefox:1.5.0.6 cpe:/a:mozilla:firefox:1.5.0.5 cpe:/a:mozilla:firefox:1.5.0.4 cpe:/a:mozilla:firefox:1.5.0.3 cpe:/a:mozilla:firefox:1.5.0.2 cpe:/a:mozilla:firefox:1.5.0.12 cpe:/a:mozilla:firefox:1.5.0.11 cpe:/a:mozilla:firefox:1.5.0.10 cpe:/a:mozilla:firefox:1.5.0.1 cpe:/a:mozilla:firefox:1.5:beta1 cpe:/a:mozilla:firefox:1.5 cpe:/a:mozilla:firefox:1.5:beta2 cpe:/a:mozilla:firefox:1.0.8 cpe:/a:mozilla:firefox:1.0.7 cpe:/a:mozilla:firefox:1.0.6 cpe:/a:mozilla:firefox:1.0.5 cpe:/a:mozilla:firefox:1.0.4 cpe:/a:mozilla:firefox:1.0.3 cpe:/a:mozilla:firefox:1.0.2 cpe:/a:mozilla:firefox:1.0.1 cpe:/a:mozilla:firefox:1.0:preview_release cpe:/a:mozilla:firefox:1.0	97
Application	Mozilla Seamonkey cpe:/a:mozilla:seamonkey:2.0.9 cpe:/a:mozilla:seamonkey:2.0.8 cpe:/a:mozilla:seamonkey:2.0.7 cpe:/a:mozilla:seamonkey:2.0.6 cpe:/a:mozilla:seamonkey:2.0.5 cpe:/a:mozilla:seamonkey:2.0.4 cpe:/a:mozilla:seamonkey:2.0.3 cpe:/a:mozilla:seamonkey:2.0.2 cpe:/a:mozilla:seamonkey:2.0.1 cpe:/a:mozilla:seamonkey:2.0:alpha_1 cpe:/a:mozilla:seamonkey:2.0:rc2 cpe:/a:mozilla:seamonkey:2.0:alpha_3 cpe:/a:mozilla:seamonkey:2.0:beta_1 cpe:/a:mozilla:seamonkey:2.0:alpha_2 cpe:/a:mozilla:seamonkey:2.0:rc1 cpe:/a:mozilla:seamonkey:2.0:beta_2 cpe:/a:mozilla:seamonkey:2.0 cpe:/a:mozilla:seamonkey:1.5.0.9 cpe:/a:mozilla:seamonkey:1.5.0.8 cpe:/a:mozilla:seamonkey:1.5.0.10 cpe:/a:mozilla:seamonkey:1.1.9 cpe:/a:mozilla:seamonkey:1.1.8 cpe:/a:mozilla:seamonkey:1.1.7 cpe:/a:mozilla:seamonkey:1.1.6 cpe:/a:mozilla:seamonkey:1.1.5 cpe:/a:mozilla:seamonkey:1.1.4 cpe:/a:mozilla:seamonkey:1.1.3 cpe:/a:mozilla:seamonkey:1.1.2 cpe:/a:mozilla:seamonkey:1.1.19 cpe:/a:mozilla:seamonkey:1.1.18 cpe:/a:mozilla:seamonkey:1.1.17 cpe:/a:mozilla:seamonkey:1.1.16 cpe:/a:mozilla:seamonkey:1.1.15 cpe:/a:mozilla:seamonkey:1.1.14 cpe:/a:mozilla:seamonkey:1.1.13 cpe:/a:mozilla:seamonkey:1.1.12 cpe:/a:mozilla:seamonkey:1.1.11 cpe:/a:mozilla:seamonkey:1.1.10 cpe:/a:mozilla:seamonkey:1.1.1 cpe:/a:mozilla:seamonkey:1.1:alpha cpe:/a:mozilla:seamonkey:1.1:beta cpe:/a:mozilla:seamonkey:1.1 cpe:/a:mozilla:seamonkey:1.0.9 cpe:/a:mozilla:seamonkey:1.0.8 cpe:/a:mozilla:seamonkey:1.0.7 cpe:/a:mozilla:seamonkey:1.0.6 cpe:/a:mozilla:seamonkey:1.0.5 cpe:/a:mozilla:seamonkey:1.0.4 cpe:/a:mozilla:seamonkey:1.0.3 cpe:/a:mozilla:seamonkey:1.0.2 cpe:/a:mozilla:seamonkey:1.0.1 cpe:/a:mozilla:seamonkey:1.0 cpe:/a:mozilla:seamonkey:1.0:beta cpe:/a:mozilla:seamonkey:1.0:alpha	54
Application	Mozilla Thunderbird cpe:/a:mozilla:thunderbird:3.1.5 cpe:/a:mozilla:thunderbird:3.1.4 cpe:/a:mozilla:thunderbird:3.1.3 cpe:/a:mozilla:thunderbird:3.1.2 cpe:/a:mozilla:thunderbird:3.1.1 cpe:/a:mozilla:thunderbird:3.1 cpe:/a:mozilla:thunderbird:3.0.9 cpe:/a:mozilla:thunderbird:3.0.8 cpe:/a:mozilla:thunderbird:3.0.7 cpe:/a:mozilla:thunderbird:3.0.6 cpe:/a:mozilla:thunderbird:3.0.5 cpe:/a:mozilla:thunderbird:3.0.4 cpe:/a:mozilla:thunderbird:3.0.3 cpe:/a:mozilla:thunderbird:3.0.2 cpe:/a:mozilla:thunderbird:3.0.1 cpe:/a:mozilla:thunderbird:3.0 cpe:/a:mozilla:thunderbird:2.0.0.9 cpe:/a:mozilla:thunderbird:2.0.0.8 cpe:/a:mozilla:thunderbird:2.0.0.7 cpe:/a:mozilla:thunderbird:2.0.0.6 cpe:/a:mozilla:thunderbird:2.0.0.5 cpe:/a:mozilla:thunderbird:2.0.0.4 cpe:/a:mozilla:thunderbird:2.0.0.3 cpe:/a:mozilla:thunderbird:2.0.0.23 cpe:/a:mozilla:thunderbird:2.0.0.22 cpe:/a:mozilla:thunderbird:2.0.0.21 cpe:/a:mozilla:thunderbird:2.0.0.2 cpe:/a:mozilla:thunderbird:2.0.0.19 cpe:/a:mozilla:thunderbird:2.0.0.18 cpe:/a:mozilla:thunderbird:2.0.0.17 cpe:/a:mozilla:thunderbird:2.0.0.16 cpe:/a:mozilla:thunderbird:2.0.0.14 cpe:/a:mozilla:thunderbird:2.0.0.12 cpe:/a:mozilla:thunderbird:2.0.0.1 cpe:/a:mozilla:thunderbird:2.0.0.0 cpe:/a:mozilla:thunderbird:2.0 cpe:/a:mozilla:thunderbird:1.5.2 cpe:/a:mozilla:thunderbird:1.5.1 cpe:/a:mozilla:thunderbird:1.5.0.9 cpe:/a:mozilla:thunderbird:1.5.0.8 cpe:/a:mozilla:thunderbird:1.5.0.7 cpe:/a:mozilla:thunderbird:1.5.0.6 cpe:/a:mozilla:thunderbird:1.5.0.5 cpe:/a:mozilla:thunderbird:1.5.0.4 cpe:/a:mozilla:thunderbird:1.5.0.3 cpe:/a:mozilla:thunderbird:1.5.0.2 cpe:/a:mozilla:thunderbird:1.5.0.14 cpe:/a:mozilla:thunderbird:1.5.0.13 cpe:/a:mozilla:thunderbird:1.5.0.12 cpe:/a:mozilla:thunderbird:1.5.0.11 cpe:/a:mozilla:thunderbird:1.5.0.10 cpe:/a:mozilla:thunderbird:1.5.0.1 cpe:/a:mozilla:thunderbird:1.5 cpe:/a:mozilla:thunderbird:1.5:beta2 cpe:/a:mozilla:thunderbird:1.0.8 cpe:/a:mozilla:thunderbird:1.0.7 cpe:/a:mozilla:thunderbird:1.0.6 cpe:/a:mozilla:thunderbird:1.0.5 cpe:/a:mozilla:thunderbird:1.0.4 cpe:/a:mozilla:thunderbird:1.0.3 cpe:/a:mozilla:thunderbird:1.0.2 cpe:/a:mozilla:thunderbird:1.0.1 cpe:/a:mozilla:thunderbird:1.0 cpe:/a:mozilla:thunderbird:0.9 cpe:/a:mozilla:thunderbird:0.8 cpe:/a:mozilla:thunderbird:0.7.3 cpe:/a:mozilla:thunderbird:0.7.2 cpe:/a:mozilla:thunderbird:0.7.1 cpe:/a:mozilla:thunderbird:0.7 cpe:/a:mozilla:thunderbird:0.6 cpe:/a:mozilla:thunderbird:0.5 cpe:/a:mozilla:thunderbird:0.4 cpe:/a:mozilla:thunderbird:0.3 cpe:/a:mozilla:thunderbird:0.2 cpe:/a:mozilla:thunderbird:0.1	75

SAINT Exploits

Description	Link
Mozilla Firefox document.write and DOM insertion memory corruption	More info here

ExploitDB Exploits

id	Description
2010-10-28	Firefox Memory Corruption Proof of Concept (Simplified)

Open Source Vulnerability Database (OSVDB)

id	Description
68921	Mozilla Thunderbird DOM Insertion document.write() Unspecified Overflow
68905	Mozilla Firefox DOM Insertion document.write() Unspecified Overflow
68854	Mozilla Multiple Products LookupGetterOrSetter Function window.__lookupGetter...
68853	Mozilla Multiple Products on Linux Unspecified Application-launch Script LD_L...
68851	Mozilla Multiple Products nsBarProp Function Use-after-free Closed Window loc...
68850	Mozilla Multiple Products Text-rendering document.write Method Long Argument ...
68849	Mozilla Multiple Products Javascript: URL Modal Call Crafted HTML Document Sa...
68847	Mozilla Multiple Products Browser Engine Multiple Unspecified Memory Corrupti...
68846	Mozilla Multiple Products Browser Engine Multiple Unspecified Memory Corrupti...

Metasploit Database

id	Description
2010-10-25	Mozilla Firefox Interleaved document.write/appendChild Memory Corruption

Global Informations

Type	Count
Oval ID(s)	8
CPE ID(s)	226
Saint Exploit(s)	1
osvdb(s)	9
ExploitDB Exploit(s)	1
Metasploit Exploit(s)	1

Related	Severity
CVE-2010-3765	(Critical)
CVE-2010-3183	(Critical)
CVE-2010-3180	(Critical)
CVE-2010-3179	(Critical)
CVE-2010-3176	(Critical)
CVE-2010-3175	(Critical)
CVE-2010-3182	(Medium)
CVE-2010-3178	(Medium)