CVE-2010-0175
Firefox < 3.0.19 and 3.5.x < 3.5.9 - Use-After-Free in nsTreeSelection
Title source: llmDescription
Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items.
References (34)
Core 34
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=375928
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39397
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0333.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39308
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39136
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0781
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038406.html
Various Sources vendor-advisory
x_refsource_ubuntu
http://ubuntu.com/usn/usn-921-1
Vendor Advisory x_refsource_confirm
http://www.mozilla.org/security/announce/2010/mfsa2010-17.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1023782
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0764
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-10-050
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7546
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1023780
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/57390
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0765
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2010:070
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/510542/100/0/threaded
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038367.html
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9834
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38566
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39117
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39243
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0748
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0849
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038378.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0790
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39242
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2010/dsa-2027
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0332.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39240
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39204
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=540100
Scores
EPSS
0.0705
EPSS Percentile
93.5%
Details
CWE
CWE-399
Status
published
Products (46)
mozilla/firefox
0.1
mozilla/firefox
0.2
mozilla/firefox
0.3
mozilla/firefox
0.4
mozilla/firefox
0.5
mozilla/firefox
0.6
mozilla/firefox
0.6.1
mozilla/firefox
0.7
mozilla/firefox
0.7.1
mozilla/firefox
0.8
... and 36 more
Published
Apr 05, 2010
Tracked Since
Feb 18, 2026