CVE-2010-3179 Information

Description

Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11 Thunderbird before 3.0.9 and 3.1.x before 3.1.5 and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.

Reference

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html http://secunia.com/advisories/42867 http://support.avaya.com/css/P8/documents/100120156 http://www.debian.org/security/2010/dsa-2124 http://www.mandriva.com/security/advisories?name=MDVSA-2010:210 http://www.mandriva.com/security/advisories?name=MDVSA-2010:211 http://www.mozilla.org/security/announce/2010/mfsa2010-65.html http://www.redhat.com/support/errata/RHSA-2010-0782.html http://www.redhat.com/support/errata/RHSA-2010-0861.html http://www.redhat.com/support/errata/RHSA-2010-0896.html http://www.ubuntu.com/usn/USN-997-1 http://www.ubuntu.com/usn/USN-998-1 http://www.vupen.com/english/advisories/2011/0061 https://bugzilla.mozilla.org/show_bug.cgi?id=583077 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11675