The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability."
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
21 Nov 2024, 01:18
Type | Values Removed | Values Added |
---|---|---|
References | () http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox - | |
References | () http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html - | |
References | () http://secunia.com/advisories/42867 - | |
References | () http://support.avaya.com/css/P8/documents/100110210 - | |
References | () http://support.avaya.com/css/P8/documents/100112690 - | |
References | () http://www.debian.org/security/2010/dsa-2106 - | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2010:173 - | |
References | () http://www.mozilla.org/security/announce/2010/mfsa2010-56.html - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/43097 - | |
References | () http://www.vupen.com/english/advisories/2010/2323 - | |
References | () http://www.vupen.com/english/advisories/2011/0061 - | |
References | () http://www.zerodayinitiative.com/advisories/ZDI-10-171/ - | |
References | () https://bugzilla.mozilla.org/show_bug.cgi?id=576070 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/61661 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12136 - |
Information
Published : 2010-09-09 19:00
Updated : 2024-11-21 01:18
NVD link : CVE-2010-3167
Mitre link : CVE-2010-3167
CVE.ORG link : CVE-2010-3167
JSON object : View
Products Affected
mozilla
- thunderbird
- firefox
- seamonkey