Candidate: CVE-2010-3183 PublicDate: 2010-10-21 19:00:00 UTC PublicDateAtUSN: 2010-10-19 References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3183 https://ubuntu.com/security/notices/USN-998-1 https://ubuntu.com/security/notices/USN-997-1 Description: The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function. Ubuntu-Description: Notes: jdstrand> CVEs in Firefox are tracked in the xulrunner source packages for builds that use the system xulrunner, and firefox source packages for those that use a static build xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS (system xul) xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS (system xul) xulrunner-1.9: (ignored) reverse dependencies no longer process web content xulrunner-1.9.1: (ignored) reverese dependencies no longer process web content xulrunner-1.9.2: system xul for reverese dependencies that process web content firefox: Ubuntu 6.06 LTS (static build) firefox: Ubuntu 10.04 LTS and higher (static build of 3.6.x or higher) firefox-3.0: Ubuntu 8.04 LTS, 9.04 (static build of 3.6.x) firefox-3.5: Ubuntu 9.04 (ignored, uses system xul 1.9.1. Use 3.0 instead) firefox-3.5: Ubuntu 9.10 (static build of 3.6.x) jdstrand> thunderbird low (javascript not enabled by default) Bugs: Priority: medium Discovered-by: Assigned-to: chriscoulson CVSS: Patches_firefox: upstream_firefox: released (3.6.11) dapper_firefox: ignored (reached end-of-life) hardy_firefox: ignored (uses system xulrunner) jaunty_firefox: DNE karmic_firefox: DNE lucid_firefox: released (3.6.11+build3+nobinonly-0ubuntu0.10.04.1) maverick_firefox: released (3.6.11+build3+nobinonly-0ubuntu0.10.10.1) natty_firefox: released (3.6.11+build3+nobinonly-0ubuntu0.10.10.1) devel_firefox: released (3.6.11+build3+nobinonly-0ubuntu0.10.10.1) Patches_firefox-3.0: upstream_firefox-3.0: needs-triage (Ubuntu source uses 3.6.x) dapper_firefox-3.0: DNE hardy_firefox-3.0: released (3.6.11+build3+nobinonly-0ubuntu0.8.04.1) jaunty_firefox-3.0: released (3.6.11+build3+nobinonly-0ubuntu0.9.04.1) karmic_firefox-3.0: DNE lucid_firefox-3.0: DNE maverick_firefox-3.0: DNE natty_firefox-3.0: DNE devel_firefox-3.0: DNE Patches_firefox-3.5: upstream_firefox-3.5: needs-triage (Ubuntu source uses 3.6.x) dapper_firefox-3.5: DNE hardy_firefox-3.5: DNE jaunty_firefox-3.5: released (3.5.14+build3+nobinonly-0ubuntu0.9.04.1) karmic_firefox-3.5: released (3.6.11+build3+nobinonly-0ubuntu0.9.10.1) lucid_firefox-3.5: DNE maverick_firefox-3.5: DNE natty_firefox-3.5: DNE devel_firefox-3.5: DNE Patches_xulrunner-1.9.1: upstream_xulrunner-1.9.1: released (1.9.1.14) dapper_xulrunner-1.9.1: DNE hardy_xulrunner-1.9.1: DNE jaunty_xulrunner-1.9.1: released (1.9.1.14+build4+nobinonly-0ubuntu0.9.04.1) karmic_xulrunner-1.9.1: released (1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1) lucid_xulrunner-1.9.1: DNE maverick_xulrunner-1.9.1: DNE natty_xulrunner-1.9.1: DNE devel_xulrunner-1.9.1: DNE Patches_xulrunner-1.9.2: upstream_xulrunner-1.9.2: released (1.9.2.11) dapper_xulrunner-1.9.2: DNE hardy_xulrunner-1.9.2: released (1.9.2.11+build3+nobinonly-0ubuntu0.8.04.1) jaunty_xulrunner-1.9.2: released (1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1) karmic_xulrunner-1.9.2: released (1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1) lucid_xulrunner-1.9.2: released (1.9.2.11+build3+nobinonly-0ubuntu0.10.04.1) maverick_xulrunner-1.9.2: released (1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1) natty_xulrunner-1.9.2: released (1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1) devel_xulrunner-1.9.2: released (1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1) Patches_seamonkey: upstream_seamonkey: released (2.0.9) dapper_seamonkey: DNE hardy_seamonkey: released (2.0.9+build1+nobinonly-0ubuntu0.8.04.1) jaunty_seamonkey: released (2.0.9+build1+nobinonly-0ubuntu0.9.04.1) karmic_seamonkey: released (2.0.9+build1+nobinonly-0ubuntu0.9.10.1) lucid_seamonkey: released (2.0.9+build1+nobinonly-0ubuntu0.10.04.1) maverick_seamonkey: released (2.0.9+build1+nobinonly-0ubuntu0.10.10.1) natty_seamonkey: released (2.0.9+build1+nobinonly-0ubuntu0.10.10.1) devel_seamonkey: released (2.0.9+build1+nobinonly-0ubuntu0.10.10.1) Patches_thunderbird: Priority_thunderbird: low upstream_thunderbird: released (3.0.9, 3.1.5) dapper_thunderbird: DNE hardy_thunderbird: ignored (reached end-of-life) jaunty_thunderbird: ignored (reached end-of-life) karmic_thunderbird: ignored (reached end-of-life) lucid_thunderbird: released (3.0.9+build1+nobinonly-0ubuntu0.10.04.1) maverick_thunderbird: released (3.1.5+build1+nobinonly-0ubuntu0.10.10.1) natty_thunderbird: released (3.1.5+build1+nobinonly-0ubuntu0.10.10.1) devel_thunderbird: released (3.1.5+build1+nobinonly-0ubuntu0.10.10.1)