CVE-2010-0160
CVE-2010-0160
The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=531222https://bugzilla.mozilla.org/show_bug.cgi?id=533000https://bugzilla.mozilla.org/show_bug.cgi?id=534051http://secunia.com/advisories/37242http://secunia.com/advisories/38847https://exchange.xforce.ibmcloud.com/vulnerabilities/56360https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11166https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8465