|
|
Log in / Subscribe / Register

mozilla: denial of service

Package(s):firefox, thunderbird, sunbird CVE #(s):CVE-2010-2755
Created:August 20, 2010 Updated:January 19, 2011
Description: From the CVE entry:

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.

Alerts:
Gentoo 201301-01 firefox 2013-01-07
MeeGo MeeGo-SA-10:24 firefox 2010-09-03
Fedora FEDORA-2010-13129 sunbird 2010-08-20
Fedora FEDORA-2010-13129 thunderbird 2010-08-20
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds