CVE-2010-1198

Mozilla Firefox <3.5.10 & SeaMonkey <2.0.5 - Use After Free

Title source: llm
STIX 2.1

Description

Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.

References (27)

Core 27
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40401
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40481
Various Sources vendor-advisory x_refsource_ubuntu
http://ubuntu.com/usn/usn-930-1
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1024138
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1640
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/41050
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/59664
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0501.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1557
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2010:125
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1773
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0499.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1556
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1592
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-930-2
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1551
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0500.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10990
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/41102
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=532246
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40326
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14176
Vendor Advisory x_refsource_confirm
http://support.avaya.com/css/P8/documents/100091069

Scores

EPSS 0.0481
EPSS Percentile 91.0%

Details

CWE
CWE-399
Status published
Products (43)
mozilla/firefox 3.5
mozilla/firefox 3.5.1
mozilla/firefox 3.5.2
mozilla/firefox 3.5.3
mozilla/firefox 3.5.4
mozilla/firefox 3.5.5
mozilla/firefox 3.5.6
mozilla/firefox 3.5.7
mozilla/firefox 3.5.9
mozilla/firefox 3.6
... and 33 more
Published Jun 24, 2010
Tracked Since Feb 18, 2026