CVE-2010-1203

2010-06-2400:00:00

ubuntu.com

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.11

Percentile

95.2%

JSON

The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote
attackers to cause a denial of service (memory corruption and application
crash) or possibly execute arbitrary code via vectors that trigger an
assertion failure in jstracer.cpp.

Notes

Author	Note
jdstrand	CVEs in Firefox are tracked in the xulrunner source packages. The mapping of xulrunner sources to firefox is: xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS xulrunner-1.9: firefox-3.0 xulrunner-1.9.1: firefox-3.5 Ubuntu 6.06 LTS and 10.04 LTS uses the embedded xulrunner and not the system xulrunner-1.9.2, so it is tracked in the firefox source package. thunderbird neglibible (requires javascript be enabled)

Author

Note

jdstrand

CVEs in Firefox are tracked in the xulrunner source packages. The mapping of xulrunner sources to firefox is: xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS xulrunner-1.9: firefox-3.0 xulrunner-1.9.1: firefox-3.5 Ubuntu 6.06 LTS and 10.04 LTS uses the embedded xulrunner and not the system xulrunner-1.9.2, so it is tracked in the firefox source package. thunderbird neglibible (requires javascript be enabled)

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchfirefox< 3.6.6+nobinonly-0ubuntu0.10.04.1UNKNOWN
ubuntu10.10noarchfirefox< 3.6.7+build2+nobinonly-0ubuntu1UNKNOWN
ubuntu11.04noarchfirefox< 3.6.7+build2+nobinonly-0ubuntu1UNKNOWN
ubuntu11.10noarchfirefox< 3.6.7+build2+nobinonly-0ubuntu1UNKNOWN
ubuntu8.04noarchseamonkey< 2.0.8+build1+nobinonly-0ubuntu0.8.04.1UNKNOWN
ubuntu9.04noarchseamonkey< 2.0.8+build1+nobinonly-0ubuntu0.9.04.1UNKNOWN
ubuntu9.10noarchseamonkey< 2.0.8+build1+nobinonly-0ubuntu0.9.10.1UNKNOWN
ubuntu10.04noarchseamonkey< 2.0.6+build1+nobinonly-0ubuntu0.10.04.1UNKNOWN
ubuntu10.10noarchseamonkey< 2.0.6+build1+nobinonly-0ubuntu1UNKNOWN
ubuntu11.04noarchseamonkey< 2.0.6+build1+nobinonly-0ubuntu1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.04	noarch	firefox	< 3.6.6+nobinonly-0ubuntu0.10.04.1	UNKNOWN
ubuntu	10.10	noarch	firefox	< 3.6.7+build2+nobinonly-0ubuntu1	UNKNOWN
ubuntu	11.04	noarch	firefox	< 3.6.7+build2+nobinonly-0ubuntu1	UNKNOWN
ubuntu	11.10	noarch	firefox	< 3.6.7+build2+nobinonly-0ubuntu1	UNKNOWN
ubuntu	8.04	noarch	seamonkey	< 2.0.8+build1+nobinonly-0ubuntu0.8.04.1	UNKNOWN
ubuntu	9.04	noarch	seamonkey	< 2.0.8+build1+nobinonly-0ubuntu0.9.04.1	UNKNOWN
ubuntu	9.10	noarch	seamonkey	< 2.0.8+build1+nobinonly-0ubuntu0.9.10.1	UNKNOWN
ubuntu	10.04	noarch	seamonkey	< 2.0.6+build1+nobinonly-0ubuntu0.10.04.1	UNKNOWN
ubuntu	10.10	noarch	seamonkey	< 2.0.6+build1+nobinonly-0ubuntu1	UNKNOWN
ubuntu	11.04	noarch	seamonkey	< 2.0.6+build1+nobinonly-0ubuntu1	UNKNOWN