Vulnerabilities > CVE-2010-0183 - Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame construction process for menus.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0499.NASL description From Red Hat Security Advisory 2010:0499 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1200) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1198) An integer overflow flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1199) A flaw was found in the way SeaMonkey processed mail attachments. A specially crafted mail message could cause SeaMonkey to crash. (CVE-2010-0163) A flaw was found in the way SeaMonkey handled the last seen 2020-06-01 modified 2020-06-02 plugin id 68053 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68053 title Oracle Linux 3 / 4 : seamonkey (ELSA-2010-0499) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0501.NASL description Updated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. [Updated 25 June 2010] The original packages distributed with this erratum had a bug which could cause unintended dependencies to be installed when upgrading. We have updated the packages to correct this bug. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 47119 published 2010-06-23 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47119 title RHEL 5 : firefox (RHSA-2010:0501) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0501.NASL description Updated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. [Updated 25 June 2010] The original packages distributed with this erratum had a bug which could cause unintended dependencies to be installed when upgrading. We have updated the packages to correct this bug. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 47129 published 2010-06-25 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47129 title CentOS 5 : firefox (CESA-2010:0501) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0500.NASL description An updated firefox package that addresses security issues, fixes bugs, adds numerous enhancements, and upgrades Firefox to version 3.6.4, is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 48265 published 2010-08-09 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/48265 title CentOS 4 : firefox (CESA-2010:0500) NASL family SuSE Local Security Checks NASL id SUSE_11_2_MOZILLAFIREFOX-100625.NASL description Mozilla Firefox was updated to version 3.5.10, fixing various bugs and security issues. MFSA 2010-33 / CVE-2008-5913: Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different websites. MFSA 2010-32 / CVE-2010-1197: Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when Content-Type: multipart was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a Content-Type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. MFSA 2010-31 / CVE-2010-1125: Google security researcher Michal Zalewski reported that focus() could be used to change a user last seen 2020-06-01 modified 2020-06-02 plugin id 47693 published 2010-07-09 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47693 title openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0358-2) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0499.NASL description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1200) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1198) An integer overflow flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1199) A flaw was found in the way SeaMonkey processed mail attachments. A specially crafted mail message could cause SeaMonkey to crash. (CVE-2010-0163) A flaw was found in the way SeaMonkey handled the last seen 2020-06-01 modified 2020-06-02 plugin id 47788 published 2010-07-22 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47788 title CentOS 3 / 4 : seamonkey (CESA-2010:0499) NASL family SuSE Local Security Checks NASL id SUSE_MOZILLAFIREFOX-7083.NASL description Mozilla Firefox has been updated to version 3.5.10, fixing various bugs and security issues. - Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different websites. (MFSA 2010-33/ CVE-2008-5913) - Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when `Content-Type: multipart` was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a content type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. (MFSA 2010-32/ CVE-2010-1197) - Google security researcher Michal Zalewski reported that focus() could be used to change a user last seen 2020-06-01 modified 2020-06-02 plugin id 49893 published 2010-10-11 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/49893 title SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7083) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0500.NASL description From Red Hat Security Advisory 2010:0500 : An updated firefox package that addresses security issues, fixes bugs, adds numerous enhancements, and upgrades Firefox to version 3.6.4, is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 68054 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68054 title Oracle Linux 4 : firefox (ELSA-2010-0500) NASL family SuSE Local Security Checks NASL id SUSE_11_1_MOZILLAFIREFOX-100628.NASL description Mozilla Firefox was updated to version 3.5.10, fixing various bugs and security issues. MFSA 2010-33 / CVE-2008-5913: Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different websites. MFSA 2010-32 / CVE-2010-1197: Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when Content-Type: multipart was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a Content-Type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. MFSA 2010-31 / CVE-2010-1125: Google security researcher Michal Zalewski reported that focus() could be used to change a user last seen 2020-06-01 modified 2020-06-02 plugin id 47691 published 2010-07-09 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47691 title openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0358-2) NASL family Fedora Local Security Checks NASL id FEDORA_2010-10363.NASL description Update to new upstream SeaMonkey version 2.0.5, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/seamonkey20.html#seamonkey2.0.5 CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-1203 CVE-2010-0183 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47226 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47226 title Fedora 13 : seamonkey-2.0.5-1.fc13 (2010-10363) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0500.NASL description An updated firefox package that addresses security issues, fixes bugs, adds numerous enhancements, and upgrades Firefox to version 3.6.4, is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 47118 published 2010-06-23 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47118 title RHEL 4 : firefox (RHSA-2010:0500) NASL family Fedora Local Security Checks NASL id FEDORA_2010-10329.NASL description Update to new upstream SeaMonkey version 2.0.5, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/seamonkey20.html#seamonkey2.0.5 CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-1203 CVE-2010-0183 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47222 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47222 title Fedora 12 : seamonkey-2.0.5-1.fc12 (2010-10329) NASL family SuSE Local Security Checks NASL id SUSE_11_MOZILLAFIREFOX-100628.NASL description Mozilla Firefox has been updated to version 3.5.10, fixing various bugs and security issues. - Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different web sites. (MFSA 2010-33/ CVE-2008-5913) - Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when `Content-Type: multipart` was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a content type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. (MFSA 2010-32/ CVE-2010-1197) - Google security researcher Michal Zalewski reported that focus() could be used to change a user last seen 2020-06-01 modified 2020-06-02 plugin id 50873 published 2010-12-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50873 title SuSE 11 / 11.1 Security Update : Mozilla Firefox (SAT Patch Numbers 2608 / 2609) NASL family Fedora Local Security Checks NASL id FEDORA_2010-10361.NASL description Update to new upstream Firefox version 3.6.4, fixing a security issue detailed in the upstream advisory: http://www.mozilla.org/security/known- vulnerabilities/firefox36.html#firefox3.6.4 Update also includes packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-1200 CVE-2010-1202 CVE-2010-1203 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47225 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47225 title Fedora 13 : firefox-3.6.4-1.fc13 / galeon-2.0.7-29.fc13 / gnome-python2-extras-2.25.3-19.fc13 / etc (2010-10361) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_99858B7C7ECE11DFA007000F20797EDE.NASL description Mozilla Project reports : MFSA 2010-33 User tracking across sites using Math.random() MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type: multipart also present MFSA 2010-31 focus() behavior can be used to inject or steal keystrokes MFSA 2010-30 Integer Overflow in XSLT Node Sorting MFSA 2010-29 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal MFSA 2010-28 Freed object reuse across plugin instances MFSA 2010-27 Use-after-free error in nsCycleCollector::MarkRoots() MFSA 2010-26 Crashes with evidence of memory corruption (rv:1.9.2.4/ 1.9.1.10) MFSA 2010-25 Re-use of freed object due to scope confusion last seen 2020-06-01 modified 2020-06-02 plugin id 47130 published 2010-06-25 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47130 title FreeBSD : mozilla -- multiple vulnerabilities (99858b7c-7ece-11df-a007-000f20797ede) NASL family Windows NASL id SEAMONKEY_205.NASL description The installed version of SeaMonkey is earlier than 2.0.5. Such versions are potentially affected by the following security issues : - A memory corruption vulnerability can lead to arbitrary code execution if garbage collection is carefully timed after DOM nodes are moved between documents. (MFSA 2010-25) - Multiple crashes can result in arbitrary code execution. (MFSA 2010-26) - An error in last seen 2020-06-01 modified 2020-06-02 plugin id 47126 published 2010-06-23 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47126 title SeaMonkey < 2.0.5 Multiple Vulnerabilities NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201301-01.NASL description The remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL’s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser’s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 63402 published 2013-01-08 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63402 title GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0499.NASL description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1200) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1198) An integer overflow flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1199) A flaw was found in the way SeaMonkey processed mail attachments. A specially crafted mail message could cause SeaMonkey to crash. (CVE-2010-0163) A flaw was found in the way SeaMonkey handled the last seen 2020-06-01 modified 2020-06-02 plugin id 47117 published 2010-06-23 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47117 title RHEL 3 / 4 : seamonkey (RHSA-2010:0499) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2064.NASL description Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0183 last seen 2020-06-01 modified 2020-06-02 plugin id 47153 published 2010-06-29 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47153 title Debian DSA-2064-1 : xulrunner - several vulnerabilities NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0501.NASL description From Red Hat Security Advisory 2010:0501 : Updated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. [Updated 25 June 2010] The original packages distributed with this erratum had a bug which could cause unintended dependencies to be installed when upgrading. We have updated the packages to correct this bug. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 68055 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68055 title Oracle Linux 5 : firefox (ELSA-2010-0501) NASL family Fedora Local Security Checks NASL id FEDORA_2010-10344.NASL description Update to new upstream Firefox version 3.5.10, fixing a security issue detailed in the upstream advisory: http://www.mozilla.org/security/known- vulnerabilities/firefox36.html#firefox3.5.10 Update also includes packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-0183 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47223 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47223 title Fedora 12 : firefox-3.5.10-1.fc12 / galeon-2.0.7-23.fc12 / gnome-python2-extras-2.25.3-18.fc12 / etc (2010-10344) NASL family Windows NASL id MOZILLA_FIREFOX_3510.NASL description The installed version of Firefox is earlier than 3.5.10. Such versions are potentially affected by the following security issues : - A memory corruption vulnerability can lead to arbitrary code execution if garbage collection is carefully timed after DOM nodes are moved between documents. (MFSA 2010-25) - Multiple crashes can result in arbitrary code execution. (MFSA 2010-26) - An error in last seen 2020-06-01 modified 2020-06-02 plugin id 47123 published 2010-06-23 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47123 title Firefox < 3.5.10 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_11_0_MOZILLAFIREFOX-100625.NASL description Mozilla Firefox was updated to version 3.5.10, fixing various bugs and security issues. MFSA 2010-33 / CVE-2008-5913: Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different websites. MFSA 2010-32 / CVE-2010-1197: Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when Content-Type: multipart was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a Content-Type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. MFSA 2010-31 / CVE-2010-1125: Google security researcher Michal Zalewski reported that focus() could be used to change a user last seen 2020-06-01 modified 2020-06-02 plugin id 47689 published 2010-07-09 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47689 title openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0358-2)
Oval
accepted | 2014-10-06T04:00:41.891-04:00 | ||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||
description | Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame construction process for menus. | ||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:12586 | ||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||
submitted | 2011-05-03T09:21:23-05:00 | ||||||||||||||||||||||||||||||||||||
title | Use after free vulnerability in nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 | ||||||||||||||||||||||||||||||||||||
version | 33 |
References
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html
- http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html
- http://secunia.com/advisories/40326
- http://secunia.com/advisories/40481
- http://www.mozilla.org/security/announce/2010/mfsa2010-27.html
- http://www.securityfocus.com/bid/41050
- http://www.securitytracker.com/id?1024138
- http://www.vupen.com/english/advisories/2010/1551
- http://www.vupen.com/english/advisories/2010/1592
- http://www.vupen.com/english/advisories/2010/1773
- https://bugzilla.mozilla.org/show_bug.cgi?id=557174
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12586