Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

CVE-2010-0169

Disclosure Date: March 25, 2010 •

CVE-2010-0169

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to the XUL cache, which might allow remote attackers to modify the browser’s font and other CSS attributes, and potentially disrupt rendering of a web page, by forcing the browser to perform this erroneous stylesheet caching.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Unknown

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

mozilla

Products

firefox 3.0,
firefox 3.0.1,
firefox 3.0.10,
firefox 3.0.11,
firefox 3.0.12,
firefox 3.0.13,
firefox 3.0.14,
firefox 3.0.15,
firefox 3.0.16,
firefox 3.0.17,
firefox 3.5,
firefox 3.5.1,
firefox 3.5.2,
firefox 3.5.3,
firefox 3.5.4,
firefox 3.5.5,
firefox 3.5.6,
firefox 3.5.7,
firefox 3.6,
seamonkey,
seamonkey 1.1,
seamonkey 1.1.1,
seamonkey 1.1.10,
seamonkey 1.1.11,
seamonkey 1.1.12,
seamonkey 1.1.13,
seamonkey 1.1.14,
seamonkey 1.1.15,
seamonkey 1.1.16,
seamonkey 1.1.17,
seamonkey 1.1.18,
seamonkey 1.1.19,
seamonkey 1.1.2,
seamonkey 1.1.3,
seamonkey 1.1.4,
seamonkey 1.1.5,
seamonkey 1.1.6,
seamonkey 1.1.7,
seamonkey 1.1.8,
seamonkey 1.1.9,
seamonkey 2.0,
seamonkey 2.0.1,
thunderbird,
thunderbird 1.5,
thunderbird 1.5.0.1,
thunderbird 1.5.0.10,
thunderbird 1.5.0.11,
thunderbird 1.5.0.12,
thunderbird 1.5.0.13,
thunderbird 1.5.0.14,
thunderbird 1.5.0.2,
thunderbird 1.5.0.3,
thunderbird 1.5.0.4,
thunderbird 1.5.0.5,
thunderbird 1.5.0.6,
thunderbird 1.5.0.7,
thunderbird 1.5.0.8,
thunderbird 1.5.0.9,
thunderbird 1.5.1,
thunderbird 1.5.2,
thunderbird 2.0.0.0,
thunderbird 2.0.0.12,
thunderbird 2.0.0.14,
thunderbird 2.0.0.16,
thunderbird 2.0.0.17,
thunderbird 2.0.0.18,
thunderbird 2.0.0.19,
thunderbird 2.0.0.3,
thunderbird 2.0.0.4,
thunderbird 2.0.0.5,
thunderbird 2.0.0.6,
thunderbird 2.0.0.7,
thunderbird 2.0.0.8,
thunderbird 2.0.0.9

References

Canonical

CVE-2010-0169 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0169)

BID-38918 (http://www.securityfocus.com/bid/38918)

Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=535806

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11391

ADV-2010-0692 (http://www.vupen.com/english/advisories/2010/0692)

http://www.mozilla.org/security/announce/2010/mfsa2010-14.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8431

Rapid7

Unknown

CVE-2010-0169

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2010-0169

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Additional Info

Technical Analysis

Unknown

CVE-2010-0169

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2010-0169

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Additional Info

Technical Analysis

Quick Cookie Notification