CVE-2010-1210

intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
VendorProductVersion
mozillafirefox
𝑥
≤ 3.6.6
mozillafirefox
0.1
mozillafirefox
0.2
mozillafirefox
0.3
mozillafirefox
0.4
mozillafirefox
0.5
mozillafirefox
0.6
mozillafirefox
0.6.1
mozillafirefox
0.7
mozillafirefox
0.7.1
mozillafirefox
0.8
mozillafirefox
0.9
mozillafirefox
0.9:rc
mozillafirefox
0.9.1
mozillafirefox
0.9.2
mozillafirefox
0.9.3
mozillafirefox
0.10
mozillafirefox
0.10.1
mozillafirefox
1.0
mozillafirefox
1.0:preview_release
mozillafirefox
1.0.1
mozillafirefox
1.0.2
mozillafirefox
1.0.3
mozillafirefox
1.0.4
mozillafirefox
1.0.5
mozillafirefox
1.0.6
mozillafirefox
1.0.7
mozillafirefox
1.0.8
mozillafirefox
1.4.1
mozillafirefox
1.5
mozillafirefox
1.5:beta1
mozillafirefox
1.5:beta2
mozillafirefox
1.5.0.1
mozillafirefox
1.5.0.2
mozillafirefox
1.5.0.3
mozillafirefox
1.5.0.4
mozillafirefox
1.5.0.5
mozillafirefox
1.5.0.6
mozillafirefox
1.5.0.7
mozillafirefox
1.5.0.8
mozillafirefox
1.5.0.9
mozillafirefox
1.5.0.10
mozillafirefox
1.5.0.11
mozillafirefox
1.5.0.12
mozillafirefox
1.5.1
mozillafirefox
1.5.2
mozillafirefox
1.5.3
mozillafirefox
1.5.4
mozillafirefox
1.5.5
mozillafirefox
1.5.6
mozillafirefox
1.5.7
mozillafirefox
1.5.8
mozillafirefox
1.8
mozillafirefox
2.0
mozillafirefox
2.0:beta_1
mozillafirefox
2.0:beta1
mozillafirefox
2.0:rc2
mozillafirefox
2.0:rc3
mozillafirefox
2.0.0.1
mozillafirefox
2.0.0.2
mozillafirefox
2.0.0.3
mozillafirefox
2.0.0.4
mozillafirefox
2.0.0.5
mozillafirefox
2.0.0.6
mozillafirefox
2.0.0.7
mozillafirefox
2.0.0.8
mozillafirefox
2.0.0.9
mozillafirefox
2.0.0.10
mozillafirefox
2.0.0.11
mozillafirefox
2.0.0.12
mozillafirefox
2.0.0.13
mozillafirefox
2.0.0.14
mozillafirefox
2.0.0.15
mozillafirefox
2.0.0.16
mozillafirefox
2.0.0.17
mozillafirefox
2.0.0.18
mozillafirefox
2.0.0.19
mozillafirefox
2.0.0.20
mozillafirefox
2.0.0.21
mozillafirefox
3.0
mozillafirefox
3.0:alpha
mozillafirefox
3.0:beta2
mozillafirefox
3.0:beta5
mozillafirefox
3.0.1
mozillafirefox
3.0.2
mozillafirefox
3.0.3
mozillafirefox
3.0.4
mozillafirefox
3.0.5
mozillafirefox
3.0.6
mozillafirefox
3.0.7
mozillafirefox
3.0.8
mozillafirefox
3.0.9
mozillafirefox
3.0.10
mozillafirefox
3.0.11
mozillafirefox
3.0.12
mozillafirefox
3.0.13
mozillafirefox
3.0.14
mozillafirefox
3.0.15
mozillafirefox
3.0.16
mozillafirefox
3.0.17
mozillafirefox
3.0.19
mozillafirefox
3.1:beta1
mozillafirefox
3.2:beta1
mozillafirefox
3.2:beta2
mozillafirefox
3.2:beta3
mozillafirefox
3.5.1
mozillafirefox
3.5.2
mozillafirefox
3.5.3
mozillafirefox
3.5.4
mozillafirefox
3.5.5
mozillafirefox
3.5.6
mozillafirefox
3.5.7
mozillafirefox
3.5.9
mozillafirefox
3.5.10
mozillafirefox
3.6.1
mozillafirefox
3.6.2
mozillafirefox
3.6.3
mozillafirefox
3.6.4
mozillathunderbird
𝑥
≤ 3.1
mozillathunderbird
0.1
mozillathunderbird
0.2
mozillathunderbird
0.3
mozillathunderbird
0.4
mozillathunderbird
0.5
mozillathunderbird
0.6
mozillathunderbird
0.7
mozillathunderbird
0.7.1
mozillathunderbird
0.7.2
mozillathunderbird
0.7.3
mozillathunderbird
0.8
mozillathunderbird
0.9
mozillathunderbird
1.0
mozillathunderbird
1.0.1
mozillathunderbird
1.0.2
mozillathunderbird
1.0.3
mozillathunderbird
1.0.4
mozillathunderbird
1.0.5
mozillathunderbird
1.0.5:beta
mozillathunderbird
1.0.6
mozillathunderbird
1.0.7
mozillathunderbird
1.0.8
mozillathunderbird
1.5
mozillathunderbird
1.5:beta2
mozillathunderbird
1.5.0.1
mozillathunderbird
1.5.0.2
mozillathunderbird
1.5.0.3
mozillathunderbird
1.5.0.4
mozillathunderbird
1.5.0.5
mozillathunderbird
1.5.0.6
mozillathunderbird
1.5.0.7
mozillathunderbird
1.5.0.8
mozillathunderbird
1.5.0.9
mozillathunderbird
1.5.0.10
mozillathunderbird
1.5.0.11
mozillathunderbird
1.5.0.12
mozillathunderbird
1.5.0.13
mozillathunderbird
1.5.0.14
mozillathunderbird
1.5.1
mozillathunderbird
1.5.2
mozillathunderbird
1.7.1
mozillathunderbird
1.7.3
mozillathunderbird
2.0.0.0
mozillathunderbird
2.0.0.1
mozillathunderbird
2.0.0.2
mozillathunderbird
2.0.0.3
mozillathunderbird
2.0.0.4
mozillathunderbird
2.0.0.5
mozillathunderbird
2.0.0.6
mozillathunderbird
2.0.0.7
mozillathunderbird
2.0.0.8
mozillathunderbird
2.0.0.9
mozillathunderbird
2.0.0.11
mozillathunderbird
2.0.0.12
mozillathunderbird
2.0.0.13
mozillathunderbird
2.0.0.14
mozillathunderbird
2.0.0.15
mozillathunderbird
2.0.0.16
mozillathunderbird
2.0.0.17
mozillathunderbird
2.0.0.18
mozillathunderbird
2.0.0.19
mozillathunderbird
2.0.0.20
mozillathunderbird
2.0.0.21
mozillathunderbird
2.0.0.22
mozillathunderbird
2.0.0.23
mozillathunderbird
3.0
mozillathunderbird
3.0.1
mozillathunderbird
3.0.2
mozillathunderbird
3.0.3
mozillathunderbird
3.0.4
mozillathunderbird
3.0.5
mozillathunderbird
3.0.6
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
lucid
Fixed 3.6.7+build2+nobinonly-0ubuntu0.10.04.1
released
karmic
dne
jaunty
dne
hardy
ignored
dapper
ignored
firefox-3.0
lucid
dne
karmic
dne
jaunty
Fixed 3.6.7+build2+nobinonly-0ubuntu0.9.04.1
released
hardy
Fixed 3.6.7+build2+nobinonly-0ubuntu0.8.04.1
released
dapper
dne
firefox-3.5
lucid
dne
karmic
Fixed 3.6.7+build2+nobinonly-0ubuntu0.9.10.1
released
jaunty
ignored
hardy
dne
dapper
dne
xulrunner-1.9.2
lucid
Fixed 1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1
released
karmic
Fixed 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2
released
jaunty
Fixed 1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2
released
hardy
Fixed 1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2
released
dapper
dne
Common Weakness Enumeration
References
http://www.mozilla.org/security/announce/2010/mfsa2010-44.html
https://bugzilla.mozilla.org/show_bug.cgi?id=564679
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11863
http://www.mozilla.org/security/announce/2010/mfsa2010-44.html
https://bugzilla.mozilla.org/show_bug.cgi?id=564679
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11863