CVE-2010-2755 (retired)

Priority
Description
layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly
free memory in the parameter array of a plugin instance, which allows
remote attackers to cause a denial of service (memory corruption) or
possibly execute arbitrary code via a crafted HTML document, related to the
DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability
exists because of an incorrect fix for CVE-2010-1214.
Assigned-to
chriscoulson
Package
Upstream:released (3.6.8)
Package
Upstream:released (3.6.8)
Package
Upstream:released (3.6.8)
Package
Upstream:released (1.9.2.8)
More Information

Updated: 2019-09-19 15:32:31 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)