CVE-2010-2752 (retired)

Priority
Description
Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11
and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before
3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute
arbitrary code by placing many Cascading Style Sheets (CSS) values in an
array, related to references to external font resources and an
inconsistency between 16-bit and 32-bit integers.
Notes
 jdstrand> CVEs in Firefox are tracked in the xulrunner source packages for
  builds that use the system xulrunner, and firefox source packages for those
  that use a static build
  xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS (system xul)
  xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS (system xul)
  xulrunner-1.9: (ignored) reverse dependencies no longer process web content
  xulrunner-1.9.1: (ignored) reverese dependencies no longer process web content
  xulrunner-1.9.2: system xul for reverese dependencies that process web content
  firefox: Ubuntu 6.06 LTS (static build)
  firefox: Ubuntu 10.04 LTS and higher (static build of 3.6.x or higher)
  firefox-3.0: Ubuntu 8.04 LTS, 9.04 (static build of 3.6.x)
  firefox-3.5: Ubuntu 9.04 (ignored, uses system xul 1.9.1. Use 3.0 instead)
  firefox-3.5: Ubuntu 9.10 (static build of 3.6.x)
Assigned-to
chriscoulson
Package
Upstream:needs-triage
Package
Upstream:needs-triage (Ubuntu source uses 3.6.x)
Package
Upstream:needs-triage (Ubuntu source uses 3.6.x)
Package
Priority: Low
Upstream:released (3.0.6)
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:52:26 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)