CVE-2010-0165

Publication date 25 March 2010

Last updated 24 July 2024

Ubuntu priority

Description

The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors involving certain indirect calls to the JavaScript eval function.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
firefox	9.10 karmic	Not in release
	9.04 jaunty	Not in release
	8.10 intrepid	Not in release
	8.04 LTS hardy	Not affected
	6.06 LTS dapper	Ignored end of life

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

http://www.mozilla.org/security/announce/2010/mfsa2010-11.html
https://www.cve.org/CVERecord?id=CVE-2010-0165

CVE-2010-0165

Description

Status

References

Other references

Access our resources on patching vulnerabilities