Vulnerabilities > CVE-2010-1987 - Resource Management Errors vulnerability in Mozilla Firefox 3.6.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption, out-of-bounds read, and application crash) via JavaScript code that appends long strings to the content of a P element, and performs certain other string concatenation and substring operations, related to the DoubleWideCharMappedString class in USP10.dll and the gfxWindowsFontGroup::GetUnderlineOffset function in xul.dll, a different vulnerability than CVE-2009-1571.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
OS | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
id | EDB-ID:12678 |
Oval
accepted | 2014-10-06T04:00:30.332-04:00 | ||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||
description | Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption, out-of-bounds read, and application crash) via JavaScript code that appends long strings to the content of a P element, and performs certain other string concatenation and substring operations, related to the DoubleWideCharMappedString class in USP10.dll and the gfxWindowsFontGroup::GetUnderlineOffset function in xul.dll, a different vulnerability than CVE-2009-1571. | ||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:12013 | ||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||
submitted | 2010-08-20T16:05:03 | ||||||||||||||||||||||||||||||||||||
title | Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption, out-of-bounds read, and application crash) via JavaScript code that appends long strings to the content of a P element, and performs certain other string concatenation and substring operations, related to the DoubleWideCharMappedString class in USP10.dll and the gfxWindowsFontGroup::GetUnderlineOffset function in xul.dll, a different vulnerability than CVE-2009-1571. | ||||||||||||||||||||||||||||||||||||
version | 31 |
Seebug
bulletinFamily | exploit |
description | CVE(CAN) ID: CVE-2010-1986,CVE-2010-1987,CVE-2010-1988 Firefox是非常流行的开源WEB浏览器。 Firefox的xul.dll库中的gfxWindowsFontGroup::MakeTextRun函数和USP10.dll库的 DoubleWideCharMappedString类中存在多个拒绝服务漏洞。如果网页中的JavaScript代码可创建包含有超长字符串元素的数组之后将超长字符串附加到了P元素的内容,就会触发内存破坏或空指针引用,导致浏览器崩溃。 Mozilla Firefox 3.6.3 厂商补丁: Mozilla ------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.mozilla.org/ |
id | SSV:19683 |
last seen | 2017-11-19 |
modified | 2010-05-24 |
published | 2010-05-24 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-19683 |
title | Mozilla Firefox 3.6.3 USP10.dll和xul.dll库多个拒绝服务漏洞 |
References
- http://osvdb.org/64790
- http://www.exploit-db.com/exploits/12678
- http://www.securityfocus.com/archive/1/511329/100/0/threaded
- http://www.x90c.org/advisories/firefox_3.6.3_crash_advisory.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58762
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12013