suse · CVE-2010-3765

Quick triage

Priority: critical Published: 2021-05-30 12:54:04 UTC Updated: 2026-04-18 20:07:57 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2010-3765 severity critical: SUSE including 117 source package names (MozillaFirefox-10.0-0.3.2, MozillaFirefox-140.2.0-160000.1.2, …), 184 product×package rows across 33 product lines (SUSE Linux Enterprise Desktop 12, SUSE Linux Enterprise Desktop 12 SP1, … (33 product lines)): Fixed 184.

Description:

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.

cvelogic Threat Intelligence