fkie_cve-2010-2762
Vulnerability from fkie_nvd
Published
2010-09-09 19:00
Modified
2025-04-11 00:51
Severity ?
Summary
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object.
References
cve@mitre.orghttp://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html
cve@mitre.orghttp://secunia.com/advisories/42867
cve@mitre.orghttp://support.avaya.com/css/P8/documents/100112690
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2010:173
cve@mitre.orghttp://www.mozilla.org/security/announce/2010/mfsa2010-59.htmlVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/43092
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/2323
cve@mitre.orghttp://www.vupen.com/english/advisories/2011/0061
cve@mitre.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=584180
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/61656
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11492
af854a3a-2127-422b-91ae-364da2661108http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42867
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/css/P8/documents/100112690
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:173
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2010/mfsa2010-59.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/43092
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/2323
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0061
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=584180
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/61656
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11492
Impacted products
Vendor Product Version
mozilla firefox 3.6
mozilla firefox 3.6.2
mozilla firefox 3.6.3
mozilla firefox 3.6.4
mozilla firefox 3.6.6
mozilla firefox 3.6.7
mozilla firefox 3.6.8
mozilla thunderbird 3.1
mozilla thunderbird 3.1.1
mozilla thunderbird 3.1.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3782354-7EB7-49D2-B240-1871F6CB84C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "30D47263-03AD-4060-91E3-90F997B3D174",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFD775DF-277E-4D5B-B980-B8E6E782467D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8587BFD-417D-42BE-A5F8-22FDC68FA9E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7364FAB-EEE9-4064-A8AD-6547239F9AB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C50485F-BC7B-4B70-A47B-1712E2DBAC5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EE386B-0833-484E-A2AB-86B4470D4D45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58FC2EFB-CE85-4A65-A7B4-A0779F11B5BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27B9EA91-A461-42CE-9ED7-3805BD13A4B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C48E432-8945-4918-B2A4-AD2E05A51633",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object."
    },
    {
      "lang": "es",
      "value": "La clase XPCSafeJSObjectWrapper en la implementaci\u00f3n SafeJSObjectWrapper (tambi\u00e9n conocido como SJOW) en Mozilla Firefox 3.6.x anterior a v3.6.9 y Thunderbird v3.1.x anterior a v3.1.3 no restringe apropiadamente los objetos al final de las cadenas de \u00e1mbito de aplicaci\u00f3n, permitiendo a atacantes remotos ejecutar c\u00f3digo JavaScript arbitrario con privilegios de chrome a trav\u00e9s de vectores relacionados con un objeto privilegiado de chrome y una cadena que termina en un objeto externo."
    }
  ],
  "id": "CVE-2010-2762",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-09-09T19:00:02.267",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/42867"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/css/P8/documents/100112690"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:173"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-59.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/43092"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/2323"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2011/0061"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=584180"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61656"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11492"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/css/P8/documents/100112690"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:173"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-59.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/43092"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/2323"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=584180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61656"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11492"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.