CVE-2010-3765

Published Oct 28, 2010

Last updated 20 days ago

Exploit known CVSS critical 9.8

Mozilla Firefox

Overview

Description: Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.
Source: cve@mitre.org
NVD status: Deferred
Products: firefox, thunderbird, seamonkey

Risk scores

CVSS 3.1

Type: Secondary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Known exploits

Data from CISA

Vulnerability name: Mozilla Multiple Products Remote Code Execution Vulnerability
Exploit added on: Oct 6, 2025
Exploit action due: Oct 27, 2025
Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

nvd@nist.gov: CWE-119
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76CD3BDF-A079-4EF3-ABDE-43CBDD08DB1F"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "031E8624-5161-43AF-AF19-6BAB5A94FDD8"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54186D4A-C6F0-44AD-94FB-73B4346ABB6B"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47E50AD9-BA35-4817-BD4D-5D678FC5A3C5"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD09DE40-8C9B-41EA-B372-9E4E4830E8F4"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F223FB83-0EDB-4429-94B9-1AEEF314B73F"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC6B977F-292F-4981-95A0-6065A3C487D5"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "342226B9-2C0C-416C-81FE-19C49F03AA88"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A6A28E0-F67A-4275-B0D9-A02822E9EF7E"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECAB4696-76F3-458C-B33B-D7F8690C60A0"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBB444FD-15F3-4447-9EA8-1669779A5749"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F92E2EF3-A612-476F-9D31-1EEC240C7EA7"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F175D30-2416-4172-BF11-DA78D252D608"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DD3F168-3EF4-492E-BBAA-EACB1357C709"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.5.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B46BA97-2860-45E4-9FD3-F418A202E4F0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3782354-7EB7-49D2-B240-1871F6CB84C7"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30D47263-03AD-4060-91E3-90F997B3D174"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFD775DF-277E-4D5B-B980-B8E6E782467D"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8587BFD-417D-42BE-A5F8-22FDC68FA9E6"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7364FAB-EEE9-4064-A8AD-6547239F9AB3"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C50485F-BC7B-4B70-A47B-1712E2DBAC5A"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51EE386B-0833-484E-A2AB-86B4470D4D45"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.6.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3EF1B4D-6556-4B3C-BDD0-6348A4D4A91D"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68C5C7CF-005B-42FC-B950-90303F0CC115"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:3.6.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B2FA2CF-7FE4-43B1-96A0-C14666EDBD7B"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BF605F6-2A84-4DE5-AB62-282E9C46479B"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08F10B5E-0780-4756-919C-B0C00C673412"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D930F0F-DCC3-4905-A4B1-288F0CCC6975"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBA0F9D4-B68A-4018-BC4E-95B87A1A8489"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61CCB291-B71B-40D3-8493-215003851BDB"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFD1FE7A-B888-461D-93F3-B71C94B4AA56"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2727C9C-618D-4AEF-B7BE-8BE5935483F7"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95B21CE4-AF78-4D1B-A73E-84E83DB4A2C4"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48F3528F-4E43-4D91-957E-49C7DB2A135A"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27B9EA91-A461-42CE-9ED7-3805BD13A4B6"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C48E432-8945-4918-B2A4-AD2E05A51633"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A95B301-A72B-4F95-A7D6-4B574E9D3BDA"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "968C261F-A7D5-4EB6-BCFF-EE40DB5A11D9"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:3.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB49CD91-C21E-4494-97CF-DDCFB38B2D92"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58EB8E8A-84DE-43AA-B8F0-B585FB73D724"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C19C0BF7-390D-4E2E-BA32-28DFF73C55F6"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FE5E50C-80ED-4CA7-BC85-8BD2E324D527"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEBF912C-A12E-4DBD-84AC-8B440E190BCE"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B8EDED6-29EF-4A9F-955D-F5E6611C2141"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDC9C82D-586A-48F4-B540-1E2AE79806B3"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51FCF83B-630A-4413-BFAA-0C24A6B8F4F4"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84B2AA0A-0220-49DD-82CD-37FDC563F146"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D754AF10-1E43-46C8-A444-E7DB3401509D"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34182167-F1DF-455B-BFDB-0A8491590479"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8ECA6CE-20D0-4A4F-B376-888A9328B044"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FEFCAB0-E57A-46E8-94C7-8510BB87C6B2"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FB5C972-AF7B-4EC7-BCE5-867CACCF5C19"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C68DBB31-7804-446E-9A53-073E4B74E851"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31ADCC51-CE05-4EB6-BE8F-B64FD62946A1"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "387390AE-CF25-47ED-BD36-F42455DE1A4B"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78D5F0AD-9974-40A1-942F-0F03A278DAD9"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Known exploits

Weaknesses

Social media

Configurations

References