|
VCID-1rbg-fmrh-hud6
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2010-3179
|
|
VCID-3fc2-gj58-qkc9
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2010-3178
|
|
VCID-9e9c-9p3v-87e9
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2010-3173
|
|
VCID-aaas-s64r-gfhg
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2010-3170
|
|
VCID-gdw6-1awt-v3gf
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2010-3183
|
|
VCID-gj5c-vnzw-hygb
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2010-3177
|
|
VCID-n9zb-zchg-qybz
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2010-3180
|
|
VCID-ugfe-zj7s-bkg6
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2010-3176
|
|
VCID-yepz-1cm7-tye3
|
Mozilla developer Ehsan Akhgari reported that a
function used to load external libraries on Windows platforms was
using a relative path to a DLL-loading application and was thus
vulnerable to binary planting if an attacker was able to place an
executable of the same name in the current working directory or any of
the other locations that Windows searches for executables.Dmitri Gribenko reported that the script used to
launch Mozilla applications on Linux was effectively including the
current working directory in the LD_LIBRARY_PATH
environment variable. If an attacker was able to place into the
current working directory a malicious shared library with the same
name as a library that the bootstrapping script depends on the
attacker could have their library loaded instead of the legitimate
library.
|
CVE-2010-3181
|