CVE-2010-0160
CVE-2010-0160
The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=531222https://bugzilla.mozilla.org/show_bug.cgi?id=533000https://bugzilla.mozilla.org/show_bug.cgi?id=534051http://secunia.com/advisories/37242http://secunia.com/advisories/38847https://exchange.xforce.ibmcloud.com/vulnerabilities/56360https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11166https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8465