CVE-2010-1121
Description
Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.
Risk Information
Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
5.544
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerability CVE-2010-1121 are affected in Mozilla Firefox 3.6.2 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.6 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.6.2 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.6 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.6.2 | Windows |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update esc-1.1.0-12.el5.i386.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update esc-1.1.0-12.el5.x86_64.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update gnome-python2-extras-2.14.2-7.el5.i386.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update gnome-python2-extras-2.14.2-7.el5.x86_64.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update gnome-python2-gtkhtml2-2.14.2-7.el5.i386.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update gnome-python2-gtkhtml2-2.14.2-7.el5.x86_64.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update gnome-python2-gtkmozembed-2.14.2-7.el5.i386.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update gnome-python2-gtkmozembed-2.14.2-7.el5.x86_64.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update gnome-python2-gtkspell-2.14.2-7.el5.i386.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update gnome-python2-gtkspell-2.14.2-7.el5.x86_64.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update gnome-python2-libegg-2.14.2-7.el5.i386.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update gnome-python2-libegg-2.14.2-7.el5.x86_64.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update totem-2.16.7-7.el5.i386.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update totem-2.16.7-7.el5.x86_64.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update totem-devel-2.16.7-7.el5.i386.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update totem-devel-2.16.7-7.el5.x86_64.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update totem-mozplugin-2.16.7-7.el5.i386.rpm | Linux |
| (RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update totem-mozplugin-2.16.7-7.el5.x86_64.rpm | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-343015 | Mozilla Firefox (132.0.2) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234