CVE-2010-3767 in Ubuntu

CVE-2010-3767

Priority

Description

Integer overflow in the NewIdArray function in Mozilla Firefox before
3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote
attackers to execute arbitrary code via a JavaScript array with many
elements.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3767
https://usn.ubuntu.com/usn/usn-1019-1

Assigned-to

chriscoulson

Notes

jdstrand

Ubuntu 11.04 (Natty Narwhal) has 4.0b7. Fixes will be in 4.0b8.

Package

Source: firefox (LP Ubuntu Debian)

Upstream:

released (3.6.13)

Package

Source: firefox-3.0 (LP Ubuntu Debian)

Upstream:

needs-triage (Ubuntu source uses 3.6.x)

Package

Source: firefox-3.5 (LP Ubuntu Debian)

Upstream:

needs-triage (Ubuntu source uses 3.6.x)

Package

Source: seamonkey (LP Ubuntu Debian)

Upstream:

released (2.0.11)

Package

Source: xulrunner-1.9.2 (LP Ubuntu Debian)

Upstream:

needs-triage

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2019-12-05 20:55:47 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)