Описание
Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 3.6.7+build2+nobinonly-0ubuntu1 |
| hardy | not-affected | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | released | 3.6.6+nobinonly-0ubuntu0.10.04.1 |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 3.0.5+build2+nobinonly-0ubuntu1 |
| hardy | not-affected | |
| jaunty | not-affected | |
| karmic | not-affected | |
| lucid | released | 3.0.5+build2+nobinonly-0ubuntu0.10.04.1 |
| upstream | released | 3.0.5 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needed |
| jaunty | ignored | end of life |
| karmic | DNE | |
| lucid | DNE | |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | DNE | |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.9.2.7+build2+nobinonly-0ubuntu1 |
| hardy | released | 1.9.2.6+nobinonly-0ubuntu0.8.04.1 |
| intrepid | DNE | |
| jaunty | released | 1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2 |
| karmic | released | 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2 |
| lucid | released | 1.9.2.6+nobinonly-0ubuntu0.10.04.1 |
| upstream | needed |
Показывать по
Ссылки на источники
EPSS
10 Critical
CVSS2
Связанные уязвимости
Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.
Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.
Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes ...
Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.
ELSA-2010-0501: firefox security, bug fix, and enhancement update (CRITICAL)
EPSS
10 Critical
CVSS2