CVE-2010-1121

Mozilla Firefox <3.6.3 - Use After Free

Title source: llm
STIX 2.1

Description

Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.

References (24)

Core 24
Core References
Various Sources vendor-advisory x_refsource_ubuntu
http://ubuntu.com/usn/usn-930-1
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40481
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10924
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1640
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0501.html
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1557
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1773
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1592
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-930-2
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1023817
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=555109
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0500.html
Various Sources x_refsource_misc
http://news.cnet.com/8301-27080_3-20001126-245.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6844
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40323
Various Sources x_refsource_misc
http://twitter.com/thezdi/statuses/11005277222
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40401
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40326
Vendor Advisory x_refsource_confirm
http://support.avaya.com/css/P8/documents/100091069

Scores

EPSS 0.0577
EPSS Percentile 92.2%

Details

CWE
CWE-94
Status published
Products (3)
mozilla/firefox 3.6
mozilla/firefox 3.6.1
mozilla/firefox 3.6.2
Published Mar 25, 2010
Tracked Since Feb 18, 2026