CVE-2010-3765: Mozilla Multiple Products Remote Code Execution
Mozilla Multiple Products Remote Code Execution Vulnerability. Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption.
- CISA KEV-listed (remediation due 2025-10-27)
- EPSS 86.8% (99.4% percentile)