Search for vulnerabilities
| Vulnerability ID | VCID-wwk8-bpv8-zyhh |
| Aliases |
CVE-2010-3182
|
| Summary | Mozilla developer Ehsan Akhgari reported that a function used to load external libraries on Windows platforms was using a relative path to a DLL-loading application and was thus vulnerable to binary planting if an attacker was able to place an executable of the same name in the current working directory or any of the other locations that Windows searches for executables.Dmitri Gribenko reported that the script used to launch Mozilla applications on Linux was effectively including the current working directory in the LD_LIBRARY_PATH environment variable. If an attacker was able to place into the current working directory a malicious shared library with the same name as a library that the bootstrapping script depends on the attacker could have their library loaded instead of the legitimate library. |
| Status | Published |
| Exploitability | None |
| Weighted Severity | None |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| There are no known CWE. |
| System | Score | Found at |
|---|---|---|
| epss | 0.00078 | https://api.first.org/data/v1/epss?cve=CVE-2010-3182 |
| generic_textual | critical | https://www.mozilla.org/en-US/security/advisories/mfsa2010-71 |
| Reference id | Reference type | URL |
|---|---|---|
| https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3182.json | ||
| https://api.first.org/data/v1/epss?cve=CVE-2010-3182 | ||
| 642300 | https://bugzilla.redhat.com/show_bug.cgi?id=642300 | |
| CVE-2010-3182 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3182 | |
| GLSA-201301-01 | https://security.gentoo.org/glsa/201301-01 | |
| mfsa2010-71 | https://www.mozilla.org/en-US/security/advisories/mfsa2010-71 | |
| RHSA-2010:0780 | https://access.redhat.com/errata/RHSA-2010:0780 | |
| RHSA-2010:0781 | https://access.redhat.com/errata/RHSA-2010:0781 | |
| RHSA-2010:0782 | https://access.redhat.com/errata/RHSA-2010:0782 | |
| RHSA-2010:0861 | https://access.redhat.com/errata/RHSA-2010:0861 | |
| RHSA-2010:0896 | https://access.redhat.com/errata/RHSA-2010:0896 | |
| USN-997-1 | https://usn.ubuntu.com/997-1/ | |
| USN-998-1 | https://usn.ubuntu.com/998-1/ |
| Percentile | 0.23338 |
| EPSS Score | 0.00078 |
| Published At | May 29, 2026, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-05-29T08:27:14.808723+00:00 | Mozilla Importer | Import | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2010/mfsa2010-71.md | 38.6.0 |