CVE-2010-3767 in Ubuntu

CVE-2010-3767

Priority

Description

Integer overflow in the NewIdArray function in Mozilla Firefox before
3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote
attackers to execute arbitrary code via a JavaScript array with many
elements.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3767
https://usn.ubuntu.com/usn/usn-1019-1

Assigned-to

chriscoulson

Notes

jdstrand

Ubuntu 11.04 (Natty Narwhal) has 4.0b7. Fixes will be in 4.0b8.

Package

Source: firefox (LP Ubuntu Debian)

Upstream:

released (3.6.13)

Package

Source: firefox-3.0 (LP Ubuntu Debian)

Upstream:

needs-triage (Ubuntu source uses 3.6.x)

Package

Source: firefox-3.5 (LP Ubuntu Debian)

Upstream:

needs-triage (Ubuntu source uses 3.6.x)

Package

Source: seamonkey (LP Ubuntu Debian)

Upstream:

released (2.0.11)

Package

Source: xulrunner-1.9.2 (LP Ubuntu Debian)

Upstream:

needs-triage

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2020-09-10 01:38:11 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)