Your submission was sent successfully! Close

CVE-2010-0177

Published: 05 April 2010

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability."

Priority

Medium

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream
Released (3.6.3)
seamonkey
Launchpad, Ubuntu, Debian
Upstream
Released (2.0.4)
thunderbird
Launchpad, Ubuntu, Debian
Upstream
Released (3.0.4)
xulrunner-1.9
Launchpad, Ubuntu, Debian
Upstream
Released (1.9.0.19)
xulrunner-1.9.1
Launchpad, Ubuntu, Debian
Upstream
Released (1.9.1.9)