Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-2755

Опубликовано: 24 июл. 2010
Источник: redhat
CVSS2: 6.8

Описание

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 3seamonkeyFixedRHSA-2010:055724.07.2010
Red Hat Enterprise Linux 4seamonkeyFixedRHSA-2010:055724.07.2010
Red Hat Enterprise Linux 4firefoxFixedRHSA-2010:055824.07.2010
Red Hat Enterprise Linux 5firefoxFixedRHSA-2010:055624.07.2010
Red Hat Enterprise Linux 5xulrunnerFixedRHSA-2010:055624.07.2010

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
https://bugzilla.redhat.com/show_bug.cgi?id=617657Mozilla arbitrary free flaw

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-2755

ubuntu
почти 15 лет назад

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.

nvd логотип

CVE-2010-2755

nvd
почти 15 лет назад

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.

debian логотип

CVE-2010-2755

debian
почти 15 лет назад

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not pro ...

github логотип

GHSA-fwcv-j34v-fh3m

github
около 3 лет назад

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.

oracle-oval логотип

ELSA-2010-0556

oracle-oval
почти 15 лет назад

ELSA-2010-0556: firefox security update (CRITICAL)

6.8 Medium

CVSS2