What is the severity of CVE-2010-1197?

CVE-2010-1197 has a critical severity rating due to its potential for cross-site scripting (XSS) attacks.

How do I fix CVE-2010-1197?

To fix CVE-2010-1197, upgrade to Mozilla Firefox version 3.5.10, 3.6.4, or later, or update to the latest version of SeaMonkey.

What versions are affected by CVE-2010-1197?

CVE-2010-1197 affects Mozilla Firefox versions 3.5.x before 3.5.10, 3.6.x before 3.6.4, and SeaMonkey versions before 2.0.5.

What type of vulnerability is CVE-2010-1197?

CVE-2010-1197 is a cross-site scripting (XSS) vulnerability that allows attackers to execute arbitrary scripts in the context of the user’s browser.

Who can be affected by CVE-2010-1197?

Users of affected versions of Mozilla Firefox and SeaMonkey are at risk of exploitation through crafted HTTP headers.

Vulnerability/
CVE-2010-1197

medium

4.3

CWE

23/6/2010

7/8/2024

CVE-2010-1197: XSS

First published: Wed Jun 23 2010(Updated: )

Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Mozilla Firefox	=3.5
Mozilla Firefox	=3.5.1
Mozilla Firefox	=3.5.2
Mozilla Firefox	=3.5.3
Mozilla Firefox	=3.5.4
Mozilla Firefox	=3.5.5
Mozilla Firefox	=3.5.6
Mozilla Firefox	=3.5.7
Mozilla Firefox	=3.5.9
Mozilla SeaMonkey	<=2.0.4
Mozilla SeaMonkey	=1.0
Mozilla SeaMonkey	=1.0-alpha
Mozilla SeaMonkey	=1.0-beta
Mozilla SeaMonkey	=1.0.1
Mozilla SeaMonkey	=1.0.2
Mozilla SeaMonkey	=1.0.3
Mozilla SeaMonkey	=1.0.4
Mozilla SeaMonkey	=1.0.5
Mozilla SeaMonkey	=1.0.6
Mozilla SeaMonkey	=1.0.7
Mozilla SeaMonkey	=1.0.8
Mozilla SeaMonkey	=1.0.9
Mozilla SeaMonkey	=1.1
Mozilla SeaMonkey	=1.1-alpha
Mozilla SeaMonkey	=1.1-beta
Mozilla SeaMonkey	=1.1.1
Mozilla SeaMonkey	=1.1.2
Mozilla SeaMonkey	=1.1.3
Mozilla SeaMonkey	=1.1.4
Mozilla SeaMonkey	=1.1.5
Mozilla SeaMonkey	=1.1.6
Mozilla SeaMonkey	=1.1.7
Mozilla SeaMonkey	=1.1.8
Mozilla SeaMonkey	=1.1.9
Mozilla SeaMonkey	=1.1.10
Mozilla SeaMonkey	=1.1.11
Mozilla SeaMonkey	=1.1.12
Mozilla SeaMonkey	=1.1.13
Mozilla SeaMonkey	=1.1.14
Mozilla SeaMonkey	=1.1.15
Mozilla SeaMonkey	=1.1.16
Mozilla SeaMonkey	=1.1.17
Mozilla SeaMonkey	=1.1.18
Mozilla SeaMonkey	=1.1.19
Mozilla SeaMonkey	=2.0
Mozilla SeaMonkey	=2.0-alpha_1
Mozilla SeaMonkey	=2.0-alpha_2
Mozilla SeaMonkey	=2.0-alpha_3
Mozilla SeaMonkey	=2.0-beta_1
Mozilla SeaMonkey	=2.0-beta_2
Mozilla SeaMonkey	=2.0-rc1
Mozilla SeaMonkey	=2.0-rc2
Mozilla SeaMonkey	=2.0.1
Mozilla SeaMonkey	=2.0.2
Mozilla SeaMonkey	=2.0.3
Mozilla Firefox	=3.6
Mozilla Firefox	=3.6.2
Mozilla Firefox	=3.6.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-1197?
CVE-2010-1197 has a critical severity rating due to its potential for cross-site scripting (XSS) attacks.
How do I fix CVE-2010-1197?
To fix CVE-2010-1197, upgrade to Mozilla Firefox version 3.5.10, 3.6.4, or later, or update to the latest version of SeaMonkey.
What versions are affected by CVE-2010-1197?
CVE-2010-1197 affects Mozilla Firefox versions 3.5.x before 3.5.10, 3.6.x before 3.6.4, and SeaMonkey versions before 2.0.5.
What type of vulnerability is CVE-2010-1197?
CVE-2010-1197 is a cross-site scripting (XSS) vulnerability that allows attackers to execute arbitrary scripts in the context of the user’s browser.
Who can be affected by CVE-2010-1197?
Users of affected versions of Mozilla Firefox and SeaMonkey are at risk of exploitation through crafted HTTP headers.

agent/type
agent/softwarecombine
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
agent/weakness
agent/description
agent/references
agent/author
agent/severity
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/tags
agent/first-publish-date
agent/event
agent/source
vendor/mozilla
canonical/mozilla firefox
version/mozilla firefox/3.5.3
version/mozilla firefox/3.5.6
version/mozilla firefox/3.5
version/mozilla firefox/3.5.5
version/mozilla firefox/3.5.9
version/mozilla firefox/3.5.4
version/mozilla firefox/3.5.7
version/mozilla firefox/3.5.1
version/mozilla firefox/3.5.2
canonical/mozilla seamonkey
version/mozilla seamonkey/1.1.10
version/mozilla seamonkey/1.0.3
version/mozilla seamonkey/1.1.8
version/mozilla seamonkey/1.0.1
version/mozilla seamonkey/1.1.7
version/mozilla seamonkey/1.0.6
version/mozilla seamonkey/1.0.9
version/mozilla seamonkey/1.1.3
version/mozilla seamonkey/1.0
version/mozilla seamonkey/2.0.3
version/mozilla seamonkey/2.0.2
version/mozilla seamonkey/1.1.17
version/mozilla seamonkey/2.0-alpha_2
version/mozilla seamonkey/1.1.5
version/mozilla seamonkey/1.0.7
version/mozilla seamonkey/1.0-beta
version/mozilla seamonkey/1.1-alpha
version/mozilla seamonkey/2.0-rc2
version/mozilla seamonkey/2.0-alpha_3
version/mozilla seamonkey/1.0-alpha
version/mozilla seamonkey/1.1.12
version/mozilla seamonkey/1.1
version/mozilla seamonkey/1.1.14
version/mozilla seamonkey/1.1.2
version/mozilla seamonkey/2.0-beta_2
version/mozilla seamonkey/1.0.2
version/mozilla seamonkey/1.0.8
version/mozilla seamonkey/1.1.11
version/mozilla seamonkey/2.0-alpha_1
version/mozilla seamonkey/1.1-beta
version/mozilla seamonkey/1.1.1
version/mozilla seamonkey/2.0.1
version/mozilla seamonkey/1.0.5
version/mozilla seamonkey/1.1.15
version/mozilla seamonkey/1.1.6
version/mozilla seamonkey/1.1.16
version/mozilla seamonkey/2.0-beta_1
version/mozilla seamonkey/1.1.19
version/mozilla seamonkey/2.0-rc1
version/mozilla seamonkey/1.0.4
version/mozilla seamonkey/1.1.9
version/mozilla seamonkey/1.1.13
version/mozilla seamonkey/1.1.18
version/mozilla seamonkey/2.0.4
version/mozilla seamonkey/2.0
version/mozilla seamonkey/1.1.4
version/mozilla firefox/3.6.2
version/mozilla firefox/3.6.3
version/mozilla firefox/3.6

CVE-2010-1197: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-1197?

How do I fix CVE-2010-1197?

What versions are affected by CVE-2010-1197?

What type of vulnerability is CVE-2010-1197?

Who can be affected by CVE-2010-1197?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2010-1197?

How do I fix CVE-2010-1197?

What versions are affected by CVE-2010-1197?

What type of vulnerability is CVE-2010-1197?

Who can be affected by CVE-2010-1197?