Описание
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 3.6.7+build2+nobinonly-0ubuntu1 |
| hardy | ignored | end of life |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | released | 3.6.6+nobinonly-0ubuntu0.10.04.1 |
| maverick | released | 3.6.7+build2+nobinonly-0ubuntu1 |
| natty | released | 3.6.7+build2+nobinonly-0ubuntu1 |
| oneiric | released | 3.6.7+build2+nobinonly-0ubuntu1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 2.0.6+build1+nobinonly-0ubuntu1 |
| hardy | released | 2.0.8+build1+nobinonly-0ubuntu0.8.04.1 |
| jaunty | released | 2.0.8+build1+nobinonly-0ubuntu0.9.04.1 |
| karmic | released | 2.0.8+build1+nobinonly-0ubuntu0.9.10.1 |
| lucid | released | 2.0.6+build1+nobinonly-0ubuntu0.10.04.1 |
| maverick | released | 2.0.6+build1+nobinonly-0ubuntu1 |
| natty | released | 2.0.6+build1+nobinonly-0ubuntu1 |
| oneiric | released | 2.0.6+build1+nobinonly-0ubuntu1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 3.0.5+build2+nobinonly-0ubuntu1 |
| hardy | ignored | |
| jaunty | ignored | |
| karmic | ignored | |
| lucid | released | 3.0.5+build2+nobinonly-0ubuntu0.10.04.1 |
| maverick | released | 3.0.5+build2+nobinonly-0ubuntu1 |
| natty | released | 3.0.5+build2+nobinonly-0ubuntu1 |
| oneiric | released | 3.0.5+build2+nobinonly-0ubuntu1 |
| upstream | released | 3.0.5 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | ignored | end of life |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | ignored | end of life |
| jaunty | ignored | end of life |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | released | 1.9.2.6+nobinonly-0ubuntu0.8.04.1 |
| jaunty | released | 1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2 |
| karmic | released | 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2 |
| lucid | released | 1.9.2.6+nobinonly-0ubuntu0.10.04.1 |
| maverick | released | 1.9.2.7+build2+nobinonly-0ubuntu1 |
| natty | released | 1.9.2.7+build2+nobinonly-0ubuntu1 |
| oneiric | DNE | |
| upstream | needs-triage |
Показывать по
9.3 Critical
CVSS2
Связанные уязвимости
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function ...
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.
ELSA-2010-0501: firefox security, bug fix, and enhancement update (CRITICAL)
9.3 Critical
CVSS2