Your submission was sent successfully! Close

CVE-2010-0160

Published: 17 February 2010

The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

Priority

Medium

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream
Released (3.6)
mozilla-thunderbird
Launchpad, Ubuntu, Debian
Upstream Needs triage

seamonkey
Launchpad, Ubuntu, Debian
Upstream
Released (2.0.3)
thunderbird
Launchpad, Ubuntu, Debian
Upstream
Released (3.0.2)
xulrunner-1.9
Launchpad, Ubuntu, Debian
Upstream
Released (1.9.0.18)
xulrunner-1.9.1
Launchpad, Ubuntu, Debian
Upstream
Released (1.9.1.8)