CVE-2010-1198 Information

Description

Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.

Reference

http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 http://support.avaya.com/css/P8/documents/100091069 http://ubuntu.com/usn/usn-930-1 http://www.mandriva.com/security/advisories?name=MDVSA-2010:125 http://www.mozilla.org/security/announce/2010/mfsa2010-28.html http://www.redhat.com/support/errata/RHSA-2010-0499.html http://www.redhat.com/support/errata/RHSA-2010-0500.html http://www.redhat.com/support/errata/RHSA-2010-0501.html http://www.securityfocus.com/bid/41050 http://www.securityfocus.com/bid/41102 http://www.securitytracker.com/id?1024138 http://www.ubuntu.com/usn/usn-930-2 http://www.vupen.com/english/advisories/2010/1551 http://www.vupen.com/english/advisories/2010/1556 http://www.vupen.com/english/advisories/2010/1557 http://www.vupen.com/english/advisories/2010/1592 http://www.vupen.com/english/advisories/2010/1640 http://www.vupen.com/english/advisories/2010/1773 https://bugzilla.mozilla.org/show_bug.cgi?id=532246 https://exchange.xforce.ibmcloud.com/vulnerabilities/59664 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10990 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14176