CVE-2010-1199

Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.

Published: Jun 24, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-1199
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
mozilla / firefox	3.5.3	3.5.3.x
mozilla / firefox	3.5.6	3.5.6.x
mozilla / firefox	3.5	3.5.x
mozilla / firefox	3.5.5	3.5.5.x
mozilla / firefox	3.5.9	3.5.9.x
mozilla / firefox	3.5.4	3.5.4.x
mozilla / firefox	3.5.7	3.5.7.x
mozilla / firefox	3.5.1	3.5.1.x
mozilla / firefox	3.5.2	3.5.2.x
mozilla / seamonkey	1.1.10	1.1.10.x
mozilla / seamonkey	1.0.3	1.0.3.x
mozilla / seamonkey	1.1.8	1.1.8.x
mozilla / seamonkey	1.0.1	1.0.1.x
mozilla / seamonkey	1.1.7	1.1.7.x
mozilla / seamonkey	1.0.6	1.0.6.x
mozilla / seamonkey	1.0.9	1.0.9.x
mozilla / seamonkey	1.1.3	1.1.3.x
mozilla / seamonkey	1.0	1.0.x
mozilla / seamonkey	2.0.3	2.0.3.x
mozilla / seamonkey	2.0.2	2.0.2.x
mozilla / seamonkey	1.1.17	1.1.17.x
mozilla / seamonkey	2.0-alpha_2	2.0-alpha_2.x
mozilla / seamonkey	1.1.5	1.1.5.x
mozilla / seamonkey	1.0.7	1.0.7.x
mozilla / seamonkey	1.0-beta	1.0-beta.x
mozilla / seamonkey	1.1-alpha	1.1-alpha.x
mozilla / seamonkey	2.0-rc2	2.0-rc2.x
mozilla / seamonkey	2.0-alpha_3	2.0-alpha_3.x
mozilla / seamonkey	1.0-alpha	1.0-alpha.x
mozilla / seamonkey	1.1.12	1.1.12.x
mozilla / seamonkey	1.1	1.1.x
mozilla / seamonkey	1.1.14	1.1.14.x
mozilla / seamonkey	1.1.2	1.1.2.x
mozilla / seamonkey	2.0-beta_2	2.0-beta_2.x
mozilla / seamonkey	1.0.2	1.0.2.x
mozilla / seamonkey	1.0.8	1.0.8.x
mozilla / seamonkey	1.1.11	1.1.11.x
mozilla / seamonkey	2.0-alpha_1	2.0-alpha_1.x
mozilla / seamonkey	1.1-beta	1.1-beta.x
mozilla / seamonkey	1.1.1	1.1.1.x
mozilla / seamonkey	2.0.1	2.0.1.x
mozilla / seamonkey	1.0.5	1.0.5.x
mozilla / seamonkey	1.1.15	1.1.15.x
mozilla / seamonkey	1.1.6	1.1.6.x
mozilla / seamonkey	1.1.16	1.1.16.x
mozilla / seamonkey	2.0-beta_1	2.0-beta_1.x
mozilla / seamonkey	1.1.19	1.1.19.x
mozilla / seamonkey	2.0-rc1	2.0-rc1.x
mozilla / seamonkey	1.0.4	1.0.4.x
mozilla / seamonkey	1.1.9	1.1.9.x
mozilla / seamonkey	1.1.13	1.1.13.x
mozilla / seamonkey	1.1.18	1.1.18.x
mozilla / seamonkey	-	2.0.4.x
mozilla / seamonkey	2.0	2.0.x
mozilla / seamonkey	1.1.4	1.1.4.x
mozilla / firefox	3.6.2	3.6.2.x
mozilla / firefox	3.6.3	3.6.3.x
mozilla / firefox	3.6	3.6.x
mozilla / thunderbird	1.5.0.7	1.5.0.7.x
mozilla / thunderbird	0.6	0.6.x
mozilla / thunderbird	2.0.0.4	2.0.0.4.x
mozilla / thunderbird	2.0.0.6	2.0.0.6.x
mozilla / thunderbird	0.3	0.3.x
mozilla / thunderbird	3.0.1	3.0.1.x
mozilla / thunderbird	0.2	0.2.x
mozilla / thunderbird	1.0.7	1.0.7.x
mozilla / thunderbird	2.0.0.18	2.0.0.18.x
mozilla / thunderbird	2.0.0.9	2.0.0.9.x
mozilla / thunderbird	2.0.0.16	2.0.0.16.x
mozilla / thunderbird	1.5.0.10	1.5.0.10.x
mozilla / thunderbird	1.5.0.5	1.5.0.5.x
mozilla / thunderbird	1.0	1.0.x
mozilla / thunderbird	3.0.3	3.0.3.x
mozilla / thunderbird	1.0.2	1.0.2.x
mozilla / thunderbird	2.0.0.0	2.0.0.0.x
mozilla / thunderbird	1.5.0.13	1.5.0.13.x
mozilla / thunderbird	2.0.0.12	2.0.0.12.x
mozilla / thunderbird	1.5	1.5.x
mozilla / thunderbird	1.5.0.2	1.5.0.2.x
mozilla / thunderbird	-	3.0.4.x
mozilla / thunderbird	1.5.0.8	1.5.0.8.x
mozilla / thunderbird	2.0.0.14	2.0.0.14.x
mozilla / thunderbird	0.5	0.5.x
mozilla / thunderbird	2.0.0.17	2.0.0.17.x
mozilla / thunderbird	1.5.0.9	1.5.0.9.x
mozilla / thunderbird	0.9	0.9.x
mozilla / thunderbird	3.0	3.0.x
mozilla / thunderbird	1.5.0.12	1.5.0.12.x
mozilla / thunderbird	0.4	0.4.x
mozilla / thunderbird	0.7	0.7.x
mozilla / thunderbird	1.5.0.14	1.5.0.14.x
mozilla / thunderbird	1.0.6	1.0.6.x
mozilla / thunderbird	2.0.0.5	2.0.0.5.x
mozilla / thunderbird	1.0.8	1.0.8.x
mozilla / thunderbird	0.1	0.1.x
mozilla / thunderbird	1.0.5	1.0.5.x
mozilla / thunderbird	0.8	0.8.x
mozilla / thunderbird	3.0.2	3.0.2.x
mozilla / thunderbird	2.0.0.19	2.0.0.19.x
mozilla / thunderbird	1.5.0.4	1.5.0.4.x

Vulnerability Database

289,697

CVE-2010-1199