CVE-2011-0073 in Ubuntu

CVE-2011-0073

Priority

Medium

Description

Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before
2.0.14, does not properly use nsTreeRange data structures, which allows
remote attackers to execute arbitrary code via unspecified vectors that
lead to a "dangling pointer."

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0073
http://www.ubuntu.com/usn/usn-1112-1
http://www.ubuntu.com/usn/usn-1122-2
http://www.ubuntu.com/usn/usn-1122-1

Package

Source: firefox-3.0 (LP Ubuntu Debian)

Upstream:	released (3.6.17)
Ubuntu 8.04 LTS (Hardy Heron):	released (3.6.17+build3+nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):	DNE
Ubuntu 11.10 (Oneiric Ocelot):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: firefox (LP Ubuntu Debian)

Upstream:	released (3.6.17)
Ubuntu 8.04 LTS (Hardy Heron):	ignored (uses system xulrunner)
Ubuntu 10.04 LTS (Lucid Lynx):	released (3.6.17+build3+nobinonly-0ubuntu0.10.04.1)
Ubuntu 11.10 (Oneiric Ocelot):	not-affected (5.0~b2+build1+nobinonly-0ubuntu2)
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected (5.0~b2+build1+nobinonly-0ubuntu2)
Ubuntu 12.10 (Quantal Quetzal):	not-affected (5.0~b2+build1+nobinonly-0ubuntu2)
Ubuntu 13.04 (Raring Ringtail):	not-affected (5.0~b2+build1+nobinonly-0ubuntu2)
Ubuntu 13.10 (Saucy Salamander):	not-affected (5.0~b2+build1+nobinonly-0ubuntu2)

Package

Source: firefox-3.5 (LP Ubuntu Debian)

Upstream:	released (3.6.17)
Ubuntu 8.04 LTS (Hardy Heron):	DNE
Ubuntu 10.04 LTS (Lucid Lynx):	DNE
Ubuntu 11.10 (Oneiric Ocelot):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: seamonkey (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 8.04 LTS (Hardy Heron):	ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):	needs-triage
Ubuntu 11.10 (Oneiric Ocelot):	ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: thunderbird (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 8.04 LTS (Hardy Heron):	ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):	released (3.1.10+build1+nobinonly-0ubuntu0.10.04.1)
Ubuntu 11.10 (Oneiric Ocelot):	not-affected
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected
Ubuntu 12.10 (Quantal Quetzal):	not-affected
Ubuntu 13.04 (Raring Ringtail):	not-affected
Ubuntu 13.10 (Saucy Salamander):	not-affected

Package

Source: xulrunner-1.9.2 (LP Ubuntu Debian)

Upstream:	released (1.9.2.17)
Ubuntu 8.04 LTS (Hardy Heron):	released (1.9.2.17+build3+nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):	released (1.9.2.17+build3+nobinonly-0ubuntu0.10.04.1)
Ubuntu 11.10 (Oneiric Ocelot):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

More Information

Updated: 2013-05-09 15:15:11 UTC (commit 6824)