Detections
Analytics
CVE-2010-3770
medium
Description
Multiple cross-site scripting (XSS) vulnerabilities in the rendering engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allow remote attackers to inject arbitrary web script or HTML via (1) x-mac-arabic, (2) x-mac-farsi, or (3) x-mac-hebrew characters that may be converted to angle brackets during rendering.
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12348
https://bugzilla.mozilla.org/show_bug.cgi?id=601429
http://www.vupen.com/english/advisories/2011/0030
http://www.ubuntu.com/usn/USN-1019-1
http://www.securitytracker.com/id?1024851
http://www.securityfocus.com/bid/45353
http://www.redhat.com/support/errata/RHSA-2010-0966.html
http://www.mozilla.org/security/announce/2010/mfsa2010-84.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:251
http://www.debian.org/security/2010/dsa-2132
http://support.avaya.com/css/P8/documents/100124650
http://secunia.com/advisories/42818
http://secunia.com/advisories/42716
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html