CVE-2010-1987
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2010-1987
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption, out-of-bounds read, and application crash) via JavaScript code that appends long strings to the content of a P element, and performs certain other string concatenation and substring operations, related to the DoubleWideCharMappedString class in USP10.dll and the gfxWindowsFontGroup::GetUnderlineOffset function in xul.dll, a different vulnerability than CVE-2009-1571.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mozilla Firefox 动态库'USP10.dll'拒绝服务漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mozilla Firefox是非常流行的开放源码WEB浏览器。 Windows XP SP3上运行的Mozilla Firefox存在资源管理错误漏洞,远程攻击者可以通过在P元素内容中追加长字符串,和执行某些其它字符串串联和子字符串操作的JavaScript代码,引发拒绝服务(内存消耗、边界外读取数据、及应用程序崩溃),该漏洞与动态库USP10.dll的DoubleWideCharMappedString,及xul.dll的gfxWindowsFontGroup::GetUnderlineOffset函
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2010-1987
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2010-1987
Please Login to view more intelligence information
- http://www.x90c.org/advisories/firefox_3.6.3_crash_advisory.txtx_refsource_MISC
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12013vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2010-1987
Same Patch Batch · n/a · 2010-05-20 · 24 CVEs total
| CVE-2010-1996 | TomatoCMS 'index.php'多个跨站脚本攻击漏洞 | |
| CVE-2010-2007 | LetoDMS多个跨站请求伪造漏洞 | |
| CVE-2010-2006 | LetoDMS 'op/op.Login.php'目录遍历漏洞 | |
| CVE-2010-2005 | Datalife Engine多个远程文件包含漏洞 | |
| CVE-2010-2004 | BS.Player .bsl文件解析栈溢出漏洞 | |
| CVE-2010-2003 | Proxy2 Advanced Poll 'misc/get_admin.php'跨站脚本攻击漏洞 | |
| CVE-2010-2002 | Drupal Wordfilter模块跨站脚本攻击漏洞 | |
| CVE-2010-2001 | Ninjitsuweb CiviRegister模块跨站脚本攻击漏洞 | |
| CVE-2010-2000 | Drupal Bibliography (Biblio)模块跨站脚本攻击漏洞 | |
| CVE-2010-1999 | OpenMairie Opencatalogue 'scr/soustab.php'目录遍历漏洞 | |
| CVE-2010-1998 | Kevinhankens CCK TableField模块跨站脚本攻击漏洞 | |
| CVE-2010-1997 | Saurus CMS 'edit.php'跨站脚本攻击漏洞 | |
| CVE-2010-0745 | Dovecot未明资源管理错误漏洞 | |
| CVE-2010-1995 | TomatoCMS 'index.php'多个跨站脚本攻击漏洞 | |
| CVE-2010-1994 | TomatoCMS 'index.php'SQL注入漏洞 | |
| CVE-2010-1993 | Opera IFRAME元素处理程序资源管理错误漏洞 | |
| CVE-2010-1992 | Google Chrome邮件应用程序资源管理错误 | |
| CVE-2010-1991 | Microsoft Internet Explorer邮件应用程序资源管理错误 | |
| CVE-2010-1990 | Mozilla Firefox和SeaMonkey邮件应用程序资源管理错误 | |
| CVE-2010-1989 | Opera邮件应用程序资源管理错误漏洞 |
Showing top 20 of 24 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2010-1987
No comments yet