1. Home
  2. Vulnerabilities
  3. CVE-2010-1987

CVE-2010-1987

CVSS v2.0 5 (Medium)
50% Progress
EPSS 2.32 % (90th)
2.32% Progress
Affected Products 2
Info CVSS EPSS Affected Configurations References Tools, Exploits & PoC Graph Web & Social Timeline

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption, out-of-bounds read, and application crash) via JavaScript code that appends long strings to the content of a P element, and performs certain other string concatenation and substring operations, related to the DoubleWideCharMappedString class in USP10.dll and the gfxWindowsFontGroup::GetUnderlineOffset function in xul.dll, a different vulnerability than CVE-2009-1571.

Weaknesses
CWE-399
Resource Management Errors
Related CVEs
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2010-05-20 17:30:01
(14 years ago)
Updated Date
2018-10-10 19:58:06
(6 years ago)

Affected Products

Microsoft

Mozilla

Configuration #1

AND
    CPE23 From Up To
OR  
  Mozilla Firefox 3.6.3 cpe:2.3:a:mozilla:firefox:3.6.3
OR  
  Running on/with
  Microsoft Windows Xp SP3 cpe:2.3:o:microsoft:windows_xp::sp3