JVN/CVE Demo: Cveinfos

CVE

Id: 43783
CVE No.: CVE-2010-1199
Status: Candidate
Description: Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
Phase: Assigned (20100330)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
476942	43783	CVE-2010-1199	BUGTRAQ:20100623 ZDI-10-113: Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability	View
476943	43783	CVE-2010-1199	URL:http://www.securityfocus.com/archive/1/archive/1/511972/100/0/threaded	View
476944	43783	CVE-2010-1199	EXPLOIT-DB:14949	View
476945	43783	CVE-2010-1199	URL:http://www.exploit-db.com/exploits/14949	View
476946	43783	CVE-2010-1199	MISC:http://www.zerodayinitiative.com/advisories/ZDI-10-113	View
476947	43783	CVE-2010-1199	CONFIRM:http://www.mozilla.org/security/announce/2010/mfsa2010-30.html	View
476948	43783	CVE-2010-1199	CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=554255	View
476949	43783	CVE-2010-1199	CONFIRM:http://support.avaya.com/css/P8/documents/100091069	View
476950	43783	CVE-2010-1199	FEDORA:FEDORA-2010-10344	View
476951	43783	CVE-2010-1199	URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html	View
476952	43783	CVE-2010-1199	FEDORA:FEDORA-2010-10361	View
476953	43783	CVE-2010-1199	URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html	View
476954	43783	CVE-2010-1199	MANDRIVA:MDVSA-2010:125	View
476955	43783	CVE-2010-1199	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:125	View
476956	43783	CVE-2010-1199	REDHAT:RHSA-2010:0499	View
476957	43783	CVE-2010-1199	URL:http://www.redhat.com/support/errata/RHSA-2010-0499.html	View
476958	43783	CVE-2010-1199	REDHAT:RHSA-2010:0500	View
476959	43783	CVE-2010-1199	URL:http://www.redhat.com/support/errata/RHSA-2010-0500.html	View
476960	43783	CVE-2010-1199	REDHAT:RHSA-2010:0501	View
476961	43783	CVE-2010-1199	URL:http://www.redhat.com/support/errata/RHSA-2010-0501.html	View
476962	43783	CVE-2010-1199	SUSE:SUSE-SA:2010:030	View
476963	43783	CVE-2010-1199	URL:http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html	View
476964	43783	CVE-2010-1199	UBUNTU:USN-930-1	View
476965	43783	CVE-2010-1199	URL:http://ubuntu.com/usn/usn-930-1	View
476966	43783	CVE-2010-1199	UBUNTU:USN-930-2	View
476967	43783	CVE-2010-1199	URL:http://www.ubuntu.com/usn/usn-930-2	View
476968	43783	CVE-2010-1199	BID:41050	View
476969	43783	CVE-2010-1199	URL:http://www.securityfocus.com/bid/41050	View
476970	43783	CVE-2010-1199	BID:41082	View
476971	43783	CVE-2010-1199	URL:http://www.securityfocus.com/bid/41082	View
476972	43783	CVE-2010-1199	OVAL:oval:org.mitre.oval:def:10885	View
476973	43783	CVE-2010-1199	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10885	View
476974	43783	CVE-2010-1199	OVAL:oval:org.mitre.oval:def:13287	View
476975	43783	CVE-2010-1199	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:13287	View
476976	43783	CVE-2010-1199	SECTRACK:1024138	View
476977	43783	CVE-2010-1199	URL:http://www.securitytracker.com/id?1024138	View
476978	43783	CVE-2010-1199	SECTRACK:1024139	View
476979	43783	CVE-2010-1199	URL:http://www.securitytracker.com/id?1024139	View
476980	43783	CVE-2010-1199	SECUNIA:40323	View
476981	43783	CVE-2010-1199	URL:http://secunia.com/advisories/40323	View
476982	43783	CVE-2010-1199	SECUNIA:40326	View
476983	43783	CVE-2010-1199	URL:http://secunia.com/advisories/40326	View
476984	43783	CVE-2010-1199	SECUNIA:40401	View
476985	43783	CVE-2010-1199	URL:http://secunia.com/advisories/40401	View
476986	43783	CVE-2010-1199	SECUNIA:40481	View
476987	43783	CVE-2010-1199	URL:http://secunia.com/advisories/40481	View
476988	43783	CVE-2010-1199	VUPEN:ADV-2010-1551	View
476989	43783	CVE-2010-1199	URL:http://www.vupen.com/english/advisories/2010/1551	View
476990	43783	CVE-2010-1199	VUPEN:ADV-2010-1556	View
476991	43783	CVE-2010-1199	URL:http://www.vupen.com/english/advisories/2010/1556	View
476992	43783	CVE-2010-1199	VUPEN:ADV-2010-1557	View
476993	43783	CVE-2010-1199	URL:http://www.vupen.com/english/advisories/2010/1557	View
476994	43783	CVE-2010-1199	VUPEN:ADV-2010-1640	View
476995	43783	CVE-2010-1199	URL:http://www.vupen.com/english/advisories/2010/1640	View
476996	43783	CVE-2010-1199	VUPEN:ADV-2010-1773	View
476997	43783	CVE-2010-1199	URL:http://www.vupen.com/english/advisories/2010/1773	View
476998	43783	CVE-2010-1199	VUPEN:ADV-2010-1592	View
476999	43783	CVE-2010-1199	URL:http://www.vupen.com/english/advisories/2010/1592	View
477000	43783	CVE-2010-1199	XF:firefox-xslt-node-code-execution(59666)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
35909	JVNDB-2010-001689	複数の Mozilla 製品の JavaScript エンジンにおける任意のコードを実行される脆弱性	複数の Mozilla 製品の JavaScript エンジンには、jstracer.cpp のアサーションの失敗を誘発される不備があるため、サービス運用妨害 (DoS) 状態となる、または任意のコードを実行される脆弱性が存在します。	CVE-2010-1203	43783	9.3		http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001689.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.35 MB
View render complete	2.85 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.62
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	475.33
Event: Controller.beforeRender	4.54
» Processing toolbar data	4.45
Rendering View	17.45
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	16.49
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.54
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/43783
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/43783
Remote Port	27694
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.115
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.6.0.169
Http Via	1.1 squid-proxy-75b5465b89-smmpc (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=te1d5osfo20p5hfqbi8emffot7
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.115
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.115
Unique Id	aDYC3vAg6fExq2XV4EY4aAAAASw
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.115
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.115
Redirect Unique Id	aDYC3vAg6fExq2XV4EY4aAAAASw
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.115
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.115
Redirect Redirect Unique Id	aDYC3vAg6fExq2XV4EY4aAAAASw
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1748370142.2051
Request Time	1748370142

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files