Oval Definition:oval:org.mitre.oval:def:14017
Revision Date:2014-10-06Version:30
Title:Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.
Description:Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-1196
Platform(s):Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Definition Synopsis
  • Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.4 and is greater than or equal to 2.0.1
  • Mozilla Seamonkey is installed
  • AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.4
  • AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1
  • OR Determine if the version of Mozilla Thunderbird is less than or equal to 1.5.0.14 and is greater than or equal to 1.0
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is less than or equal to 1.5.0.14
  • AND Determine if the version of Mozilla Thunderbird is greater than or equal to 1.0
  • OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.1 and is greater than or equal to 1.0
  • Mozilla Seamonkey is installed
  • AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.1
  • AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0
  • OR Determine if the version of Mozilla Firefox is less than or equal to 3.6.3 and is greater than or equal to 3.5
  • Mozilla Firefox Mainline release is installed
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is less than or equal to 3.6.3
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is greater than or equal to 3.5
  • OR Determine if the version of Mozilla Thunderbird is equal to 3.0
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is equal to 3.0
  • OR Determine if the version of Mozilla Thunderbird is less than or equal to 2.0.0.19 and is greater than or equal to 2.0.0.0
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is less than or equal to 2.0.0.19
  • AND Determine if the version of Mozilla Thunderbird is greater than or equal to 2.0.0.0
  • OR Determine if the version of Mozilla Thunderbird is less than or equal to 0.9 and is greater than or equal to 0.1
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is less than or equal to 0.9
  • AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1
    • BACK