CVE-2010-0160
CVE-2010-0160
The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=531222https://bugzilla.mozilla.org/show_bug.cgi?id=533000https://bugzilla.mozilla.org/show_bug.cgi?id=534051http://secunia.com/advisories/37242http://secunia.com/advisories/38847https://exchange.xforce.ibmcloud.com/vulnerabilities/56360https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11166https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8465