CVE-2010-2753 Information

Description

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7 Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1 and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element which triggers a use-after-free.

Reference

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html http://www.mozilla.org/security/announce/2010/mfsa2010-40.html http://www.securityfocus.com/archive/1/512510 http://www.securityfocus.com/bid/41853 http://www.zerodayinitiative.com/advisories/ZDI-10-131/ https://bugzilla.mozilla.org/show_bug.cgi?id=571106 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10958