Lucene search
SecurityvulnsSECURITYVULNS:DOC:24121HistoryJun 25, 2010 - 12:00 a.m.
Mozilla Foundation Security Advisory 2010-28
2010-06-2500:00:00
vulners.com
65
Mozilla Foundation Security Advisory 2010-28
Title: Freed object reuse across plugin instances
Impact: Critical
Announced: June 22, 2010
Reporter: Microsoft Vulnerability Research
Products: Firefox, SeaMonkey
Fixed in: Firefox 3.6.4
Firefox 3.5.10
SeaMonkey 2.0.5
Description
Microsoft Vulnerability Research reported that two plugin instances could interact in a way in which one plugin gets a reference to an object owned by a second plugin and continues to hold that reference after the second plugin is unloaded and its object is destroyed. In these cases, the first plugin would contain a pointer to freed memory which, if accessed, could be used by an attacker to execute arbitrary code on a victim's computer.
References
* https://bugzilla.mozilla.org/show_bug.cgi?id=532246
* CVE-2010-1198
Related
mozilla
mozilla
Freed object reuse across plugin instances — Mozilla
2010-06-22 00:00:00
veracode
veracode
Use-after-Free
2020-04-10 00:43:48
prion
prion
Design/Logic Flaw
2010-06-24 12:30:00
cve
cve
CVE-2010-1198
2010-06-24 12:30:00
ubuntucve
ubuntucve
CVE-2010-1198
2010-06-24 00:00:00
openvas
openvas
CentOS Update for seamonkey CESA-2010:0499 centos3 i386
2010-08-20 00:00:00
nessus
nessus
Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64
2012-08-01 00:00:00
Debian DSA-2064-1 : xulrunner - several vulnerabilities
2010-06-29 00:00:00
SeaMonkey < 2.0.5 Multiple Vulnerabilities
2010-06-23 00:00:00
redhat
redhat
(RHSA-2010:0499) Critical: seamonkey security update
2010-06-22 00:00:00
(RHSA-2010:0501) Critical: firefox security, bug fix, and enhancement update
2010-06-22 00:00:00
(RHSA-2010:0500) Critical: firefox security, bug fix, and enhancement update
2010-06-22 00:00:00
oraclelinux
oraclelinux
seamonkey security update
2010-06-22 00:00:00
thunderbird security update
2010-07-21 00:00:00
firefox security, bug fix, and enhancement update
2010-06-23 00:00:00
centos
centos
seamonkey security update
2010-07-21 19:15:00
thunderbird security update
2010-08-06 23:32:55
devhelp, esc, firefox, gnome, totem, xulrunner, yelp security update
2010-06-24 16:14:16
debian
debian
[SECURITY] [DSA 2064-1] New xulrunner packages fix several vulnerabilities
2010-06-27 20:39:12
[Backports-security-announce] Security Update for xulrunner
2010-07-01 11:48:42
[Backports-security-announce] Security Update for xulrunner
2010-07-01 11:54:27
osv
osv
xulrunner - several vulnerabilities
2010-06-27 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: firefox-3.6.4-1.fc13
2010-06-24 16:31:49
[SECURITY] Fedora 13 Update: galeon-2.0.7-29.fc13
2010-06-24 16:31:49
[SECURITY] Fedora 13 Update: xulrunner-1.9.2.4-1.fc13
2010-06-24 16:31:49
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2010-06-29 00:00:00
Firefox regression
2010-06-30 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Seamonkey multiple security vulnerabilities
2010-06-25 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-06-22 00:00:00
suse
suse
remote code execution in MozillaFirefox,mozilla-xulrunner191
2010-07-09 14:53:59
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
Related for SECURITYVULNS:DOC:24121