CVE-2010-2117

Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
mozillafirefox
3.0.19
mozillafirefox
3.5
mozillafirefox
3.5.1
mozillafirefox
3.5.2
mozillafirefox
3.5.3
mozillafirefox
3.5.4
mozillafirefox
3.5.5
mozillafirefox
3.5.6
mozillafirefox
3.5.7
mozillafirefox
3.5.9
mozillafirefox
3.6
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
lucid
ignored
karmic
dne
jaunty
dne
hardy
ignored
dapper
ignored
xulrunner
lucid
dne
karmic
ignored
jaunty
ignored
hardy
ignored
dapper
dne
xulrunner-1.9
lucid
dne
karmic
dne
jaunty
ignored
hardy
ignored
dapper
dne
xulrunner-1.9.1
lucid
dne
karmic
ignored
jaunty
ignored
hardy
dne
dapper
dne
xulrunner-1.9.2
lucid
ignored
karmic
ignored
jaunty
ignored
hardy
ignored
dapper
dne
Common Weakness Enumeration
References
http://websecurity.com.ua/4238/
http://www.securityfocus.com/archive/1/511509/100/0/threaded
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11190
http://websecurity.com.ua/4238/
http://www.securityfocus.com/archive/1/511509/100/0/threaded
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11190