FKIE_CVE-2010-2762

Vulnerability from fkie_nvd - Published: 2010-09-09 19:00 - Updated: 2025-04-11 00:51
Severity ?
Summary
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object.
References
cve@mitre.orghttp://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html
cve@mitre.orghttp://secunia.com/advisories/42867
cve@mitre.orghttp://support.avaya.com/css/P8/documents/100112690
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2010:173
cve@mitre.orghttp://www.mozilla.org/security/announce/2010/mfsa2010-59.htmlVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/43092
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/2323
cve@mitre.orghttp://www.vupen.com/english/advisories/2011/0061
cve@mitre.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=584180
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/61656
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11492
af854a3a-2127-422b-91ae-364da2661108http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42867
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/css/P8/documents/100112690
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:173
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2010/mfsa2010-59.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/43092
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/2323
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0061
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=584180
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/61656
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11492
Impacted products
Vendor Product Version
mozilla firefox 3.6
mozilla firefox 3.6.2
mozilla firefox 3.6.3
mozilla firefox 3.6.4
mozilla firefox 3.6.6
mozilla firefox 3.6.7
mozilla firefox 3.6.8
mozilla thunderbird 3.1
mozilla thunderbird 3.1.1
mozilla thunderbird 3.1.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3782354-7EB7-49D2-B240-1871F6CB84C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "30D47263-03AD-4060-91E3-90F997B3D174",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFD775DF-277E-4D5B-B980-B8E6E782467D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8587BFD-417D-42BE-A5F8-22FDC68FA9E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7364FAB-EEE9-4064-A8AD-6547239F9AB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C50485F-BC7B-4B70-A47B-1712E2DBAC5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EE386B-0833-484E-A2AB-86B4470D4D45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58FC2EFB-CE85-4A65-A7B4-A0779F11B5BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27B9EA91-A461-42CE-9ED7-3805BD13A4B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C48E432-8945-4918-B2A4-AD2E05A51633",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object."
    },
    {
      "lang": "es",
      "value": "La clase XPCSafeJSObjectWrapper en la implementaci\u00f3n SafeJSObjectWrapper (tambi\u00e9n conocido como SJOW) en Mozilla Firefox 3.6.x anterior a v3.6.9 y Thunderbird v3.1.x anterior a v3.1.3 no restringe apropiadamente los objetos al final de las cadenas de \u00e1mbito de aplicaci\u00f3n, permitiendo a atacantes remotos ejecutar c\u00f3digo JavaScript arbitrario con privilegios de chrome a trav\u00e9s de vectores relacionados con un objeto privilegiado de chrome y una cadena que termina en un objeto externo."
    }
  ],
  "id": "CVE-2010-2762",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-09-09T19:00:02.267",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/42867"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/css/P8/documents/100112690"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:173"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-59.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/43092"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/2323"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2011/0061"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=584180"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61656"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11492"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/css/P8/documents/100112690"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:173"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-59.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/43092"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/2323"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=584180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61656"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11492"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.