CVE-2010-2117
Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x - Denial of Service via Infinite Loop with Invalid URI IFRAMEs
Title source: llmDescription
Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11190
Exploit x_refsource_misc
http://websecurity.com.ua/4238/
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511509/100/0/threaded
Scores
EPSS
0.0178
EPSS Percentile
75.8%
Details
CWE
CWE-399
Status
published
Products (11)
mozilla/firefox
3.0.19
mozilla/firefox
3.5
mozilla/firefox
3.5.1
mozilla/firefox
3.5.2
mozilla/firefox
3.5.3
mozilla/firefox
3.5.4
mozilla/firefox
3.5.5
mozilla/firefox
3.5.6
mozilla/firefox
3.5.7
mozilla/firefox
3.5.9
... and 1 more
Published
Jun 01, 2010
Tracked Since
Feb 18, 2026