Oval Definition:oval:org.mitre.oval:def:11680
Revision Date:2014-10-06Version:35
Title:Mozilla Firefox, Thunderbird and SeaMonkey CSS Values Integer Overflow Vulnerability
Description:Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-2752
Platform(s):Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Mozilla Firefox
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis
  • Check for vulnerable Firefox
  • Mozilla Firefox Mainline release is installed
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is 3.5.x before 3.5.11
  • OR Mozilla Firefox Mainline version is 3.6.x before 3.6.7
  • OR Check for vulnerable SeaMonkey
  • Mozilla Seamonkey is installed
  • AND Mozilla Seamonkey version less than 2.0.6
  • OR Check for vulnerable Thunderbird
  • Mozilla Thunderbird Mainline release is installed
  • AND Thunderbird version is 3.0.x before 3.0.6 or 3.1.x before 3.1.1
  • Mozilla Thunderbird 3.0.x before 3.0.6
  • OR Mozilla Thunderbird 3.1.x before 3.1.1
    • BACK