CVE-2011-0085

Priority
Medium
Description
Use-after-free vulnerability in the nsXULCommandDispatcher function in
Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey
through 2.0.14 allows remote attackers to execute arbitrary code via a
crafted XUL document that dequeues the current command updater.
References
Package
Upstream:ignored (Ubuntu source uses 3.6.x)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.6.18)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Package
Upstream:ignored (Ubuntu source uses 3.6.x)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (2.1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.1.11)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Package
Upstream:not-affected
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (1.9.2.18)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:39:18 UTC (commit 9756)