CVE-2010-2752

Related Files

Month Of Abysssec Undisclosed Bugs - Mozilla Firefox CSS Font-Face

Posted Sep 25, 2010

Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Mozilla Firefox suffers from a CSS font-face remove code execution vulnerability.

tags | advisory, code execution

advisories | CVE-2010-2752

SHA-256 | 5b733d55ed5f656b0c8561eae3de28583e3ce6a2888aefb5cad79797ad08def6

Download | Favorite | View

Month Of Abysssec Undisclosed Bugs - Mozilla Firefox CSS Font-Face

Posted Sep 25, 2010

Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Mozilla Firefox suffers from a CSS font-face remove code execution vulnerability.

tags | exploit, code execution

advisories | CVE-2010-2752

SHA-256 | 50347efc2c502ca8dd20c3d52507b5f531dbc8450435c3b06a7242942e88a439

Download | Favorite | View

Ubuntu Security Notice 958-1

Posted Jul 26, 2010

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 958-1 - Several flaws were discovered in the browser engine of Thunderbird. An integer overflow was discovered in how Thunderbird processed CSS values. An integer overflow was discovered in how Thunderbird interpreted the XUL element. Aki Helin discovered that libpng did not properly handle certain malformed PNG images. Yosuke Hasegawa discovered that the same-origin check in Thunderbird could be bypassed by utilizing the importScripts Web Worker method. Chris Evans discovered that Thunderbird did not properly process improper CSS selectors. Soroush Dalili discovered that Thunderbird did not properly handle script error output.

tags | advisory, web, overflow

systems | linux, ubuntu

advisories | CVE-2010-0654, CVE-2010-1205, CVE-2010-1211, CVE-2010-1212, CVE-2010-1213, CVE-2010-2752, CVE-2010-2753, CVE-2010-2754

SHA-256 | 5419ae4fb245c6c535395ea9b94b38b179ed987669180fa8c3c08cbbe2746990

Download | Favorite | View

Ubuntu Security Notice 957-1

Posted Jul 23, 2010

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 957-1 - Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. Various integer overflows and other issues have also been addressed.

tags | advisory, remote, overflow, arbitrary

systems | linux, ubuntu

advisories | CVE-2010-0654, CVE-2010-1205, CVE-2010-1206, CVE-2010-1207, CVE-2010-1208, CVE-2010-1209, CVE-2010-1210, CVE-2010-1211, CVE-2010-1212, CVE-2010-1213, CVE-2010-1214, CVE-2010-1215, CVE-2010-2751, CVE-2010-2752, CVE-2010-2753, CVE-2010-2754

SHA-256 | 102cde32fa8d891e54788fea852e8b6a825b5afe8a3b7b8afa40b6db0cea7fcf

Download | Favorite | View

Zero Day Initiative Advisory 10-133

Posted Jul 21, 2010

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-133 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling of references to external font resources. A value is used as a 16 bit integer in an array allocation and later as 32 bit when iterating over and then populating these fields. By creating enough references, a remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.

tags | advisory, remote, arbitrary

advisories | CVE-2010-2752

SHA-256 | f5d8dd7c32a2a623a1ab483ff4c3cbdf23d8f651924b0f2d64ef43b07770a0c8

Download | Favorite | View