{ "threat_severity" : "Critical", "public_date" : "2010-06-22T00:00:00Z", "bugzilla" : { "description" : "Mozilla Integer Overflow in XSLT Node Sorting", "id" : "590833", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=590833" }, "cvss" : { "cvss_base_score" : "6.8", "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status" : "verified" }, "cwe" : "CWE-190", "details" : [ "Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 3", "release_date" : "2010-06-22T00:00:00Z", "advisory" : "RHSA-2010:0499", "cpe" : "cpe:/o:redhat:enterprise_linux:3", "package" : "seamonkey-0:1.0.9-0.55.el3" }, { "product_name" : "Red Hat Enterprise Linux 4", "release_date" : "2010-06-22T00:00:00Z", "advisory" : "RHSA-2010:0499", "cpe" : "cpe:/o:redhat:enterprise_linux:4", "package" : "seamonkey-0:1.0.9-58.el4_8" }, { "product_name" : "Red Hat Enterprise Linux 4", "release_date" : "2010-06-22T00:00:00Z", "advisory" : "RHSA-2010:0500", "cpe" : "cpe:/o:redhat:enterprise_linux:4", "package" : "firefox-0:3.6.4-8.el4" }, { "product_name" : "Red Hat Enterprise Linux 4", "release_date" : "2010-07-21T00:00:00Z", "advisory" : "RHSA-2010:0544", "cpe" : "cpe:/o:redhat:enterprise_linux:4", "package" : "thunderbird-0:1.5.0.12-28.el4", "impact" : "moderate" }, { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2010-06-22T00:00:00Z", "advisory" : "RHSA-2010:0501", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "devhelp-0:0.12-21.el5" }, { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2010-06-22T00:00:00Z", "advisory" : "RHSA-2010:0501", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "esc-0:1.1.0-12.el5" }, { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2010-06-22T00:00:00Z", "advisory" : "RHSA-2010:0501", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "firefox-0:3.6.4-8.el5" }, { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2010-06-22T00:00:00Z", "advisory" : "RHSA-2010:0501", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "gnome-python2-extras-0:2.14.2-7.el5" }, { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2010-06-22T00:00:00Z", "advisory" : "RHSA-2010:0501", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "totem-0:2.16.7-7.el5" }, { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2010-06-22T00:00:00Z", "advisory" : "RHSA-2010:0501", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "xulrunner-0:1.9.2.4-10.el5" }, { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2010-06-22T00:00:00Z", "advisory" : "RHSA-2010:0501", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "yelp-0:2.16.0-26.el5" }, { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2010-07-21T00:00:00Z", "advisory" : "RHSA-2010:0545", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "thunderbird-0:2.0.0.24-6.el5", "impact" : "moderate" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "firefox", "cpe" : "cpe:/o:redhat:enterprise_linux:6" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2010-1199\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-1199" ], "name" : "CVE-2010-1199", "csaw" : false }