← ExploitWatch
HomeExploited Vulnerabilities

CVE-2010-3765 — Actively Exploited: Multiple Products (Mozilla)

Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which

CVE IDCVE-2010-3765
VendorMozilla
ProductMultiple Products
Vulnerability nameMozilla Multiple Products Remote Code Execution Vulnerability
Date added2025-10-06
Remediation due2025-10-27
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionMozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →