From: "Ware, Ryan R" <ryan.r.ware@intel.com>
To: "meego-security@meego.com" <meego-security@meego.com>
Subject: [MeeGo-security] [MeeGo-SA-10:24.firefox] Improper Memory Handling Allows DoS
Date: Tue, 18 Jan 2011 20:53:31 -0700
Message-ID: <2A5B01C8-52F6-4AC8-BF1E-D4542A4594A0@intel.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
MeeGo-SA-10:24.firefox Security Advisory
MeeGo Project

Topic:      Improper Memory Handling Allows DoS
Category:   Browser
Module:     firefox
Announced:  September 3, 2010
Affects:    MeeGo 1.0
Corrected:  September 3, 2010
MeeGo BID:  4998
CVE:        CVE-2010-2755

For general information regarding MeeGo Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://www.MeeGo.com/>.

I. Background

Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

II. Problem Description

CVE-2010-2755: layout/generic/nsObjectFrame.cpp in Mozilla Firefox
3.6.7 does not properly free memory in the parameter array of a plugin
instance, which allows remote attackers to cause a denial of service
(memory corruption) or possibly execute arbitrary code via a crafted
HTML document, related to the DATA and SRC attributes of an OBJECT
element. NOTE: this vulnerability exists because of an incorrect fix
for CVE-2010-1214.

CVSS v2 Base: 10.0 (HIGH)
Access Vector: Network exploitable

III. Impact

CVE-2010-2898: Unauthorized disclosure of information due to resource
management errors (CWE-399)

IV. Workaround

None

V. Solution

Update to package firefox-3.6.8-5.1 or later.

VI. References

http://bugs.meego.com/show_bug.cgi?id=4998
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-...
http://cwe.mitre.org/data/definitions/399.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (Darwin)
-----END PGP SIGNATURE-----