1. Home
  2. Vulnerabilities
  3. CVE-2010-1208

CVE-2010-1208

CVSS v3.1 8.8 (High)
88% Progress
CVSS v2.0 9.3 (High)
93% Progress
EPSS 13.33 % (96th)
13.33% Progress
Affected Products 2
Advisories 9
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node with a nonzero reference count.

Weaknesses
CWE-416
Use After Free
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2010-07-30 20:30:01
(14 years ago)
Updated Date
2024-02-02 16:10:03
(7 months ago)

Affected Products

Mozilla

Configuration #1

    CPE23 From Up To
  Mozilla Firefox from 3.5 version and prior 3.5.11 version cpe:2.3:a:mozilla:firefox >= 3.5 < 3.5.11
  Mozilla Firefox from 3.6 version and prior 3.6.7 version cpe:2.3:a:mozilla:firefox >= 3.6 < 3.6.7

Configuration #2

    CPE23 From Up To
  Mozilla Seamonkey prior 2.0.6 version cpe:2.3:a:mozilla:seamonkey < 2.0.6