CVE-2010-0164 — Vulnetix

CVE-2010-0164 PUBLISHED

Reported by mitre · Published March 25, 2010

Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace animation in which the frames have different bits-per-pixel (bpp) values.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a

Exploit Intelligence

https://bugzilla.mozilla.org/show_bug.cgi?id=547143 (nist-nvd)

Timeline

Mar 25, 2010 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
Apr 11, 2023 EPSS Score
Jul 17, 2023 EPSS Score
Sep 7, 2023 EPSS Score

References

38921 vdb-entryx_refsource_BID
38918 vdb-entryx_refsource_BID
x_refsource_MISC
MDVSA-2010:070 vendor-advisoryx_refsource_MANDRIVA
x_refsource_CONFIRM
ADV-2010-0692 vdb-entryx_refsource_VUPEN
oval:org.mitre.oval:def:8703 vdb-entrysignaturex_refsource_OVAL
x_refsource_CONFIRM
20100402 ZDI-10-047: Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability mailing-listx_refsource_BUGTRAQ

Open in Interactive Console →