CVE-2010-3171
Published: 15 September 2010
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a random number generator that is seeded only once per document object, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack." NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-5913.
Notes
Author | Note |
---|---|
jdstrand | CVEs in Firefox are tracked in the xulrunner source packages for builds that use the system xulrunner, and firefox source packages for those that use a static build xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS (system xul) xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS (system xul) xulrunner-1.9: (ignored) reverse dependencies no longer process web content xulrunner-1.9.1: (ignored) reverese dependencies no longer process web content xulrunner-1.9.2: system xul for reverese dependencies that process web content firefox: Ubuntu 6.06 LTS (static build) firefox: Ubuntu 10.04 LTS and higher (static build of 3.6.x or higher) firefox-3.0: Ubuntu 8.04 LTS, 9.04 (static build of 3.6.x) firefox-3.5: Ubuntu 9.04 (ignored, uses system xul 1.9.1. Use 3.0 instead) firefox-3.5: Ubuntu 9.10 (static build of 3.6.x) |
Priority
Status
Package | Release | Status |
---|---|---|
firefox Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Ignored
(end of life)
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Not vulnerable
(3.6.16+build1+nobinonly-0ubuntu0.10.04.1)
|
|
maverick |
Not vulnerable
(3.6.16+build1+nobinonly-0ubuntu0.10.10.1)
|
|
natty |
Not vulnerable
(4.0+nobinonly-0ubuntu1)
|
|
upstream |
Needs triage
|
|
firefox-3.0 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Not vulnerable
(3.6.16+build1+nobinonly-0ubuntu0.8.04.1)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
upstream |
Needs triage
(Ubuntu source uses 3.6.x)
|
|
firefox-3.5 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
jaunty |
Ignored
|
|
karmic |
Not vulnerable
(3.6.16+build1+nobinonly-0ubuntu0.9.10.1)
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
upstream |
Needs triage
(Ubuntu source uses 3.6.x)
|
|
seamonkey Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Not vulnerable
(2.0.11+build1+nobinonly-0ubuntu0.8.04.1)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Not vulnerable
|
|
lucid |
Not vulnerable
|
|
maverick |
Not vulnerable
|
|
natty |
Not vulnerable
|
|
upstream |
Needs triage
|
|
thunderbird Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Ignored
(end of life)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Not vulnerable
(3.1.8+build3+nobinonly-0ubuntu0.10.04.1)
|
|
maverick |
Not vulnerable
|
|
natty |
Not vulnerable
|
|
upstream |
Needs triage
|
|
xulrunner-1.9.2 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Not vulnerable
(1.9.2.16+build1+nobinonly-0ubuntu0.8.04.1)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Not vulnerable
|
|
lucid |
Not vulnerable
|
|
maverick |
Not vulnerable
|
|
natty |
Not vulnerable
(1.9.2.15+build1+nobinonly-0ubuntu1)
|
|
upstream |
Needs triage
|