Lucene search
RootSSV:19999HistoryJul 27, 2010 - 12:00 a.m.
Mozilla Firefox 3.6.7 插件参数引用悬停指针漏洞
2010-07-2700:00:00
Root
www.seebug.org
11
0.28 Low
EPSS
Percentile
96.3%
BUGTRAQ ID: 41933
CVE ID: CVE-2010-2755
Firefox是一款非常流行的开源WEB浏览器。
Firefox的插件处理器中存在无效释放漏洞,在某些情况下可能过早的释放插件例程参数数组中的属性,留下插件可执行的悬停指针,可能会调用攻击者所控制的内存。
用户受骗访问恶意的web内容可能导致释放无效的内存指针,Firefox可能会崩溃或以运行Firefox用户的权限执行任意代码。
Mozilla Firefox 3.6.7
厂商补丁:
Mozilla
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
RedHat
RedHat已经为此发布了一个安全公告(RHSA-2010:0557-01)以及相应补丁:
RHSA-2010:0557-01:Critical: seamonkey security update
链接:https://www.redhat.com/support/errata/RHSA-2010-0557.html
Related
oraclelinux
oraclelinux
firefox security update
2010-07-26 00:00:00
seamonkey security update
2010-07-26 00:00:00
firefox security update
2010-07-26 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: xulrunner-1.9.2.7-2.fc13
2010-07-27 02:49:48
[SECURITY] Fedora 12 Update: xulrunner-1.9.1.11-2.fc12
2010-07-27 02:45:31
openvas
openvas
Fedora Update for xulrunner FEDORA-2010-11452
2010-07-30 00:00:00
Fedora Update for xulrunner FEDORA-2010-11472
2010-07-30 00:00:00
RedHat Update for seamonkey RHSA-2010:0557-01
2010-07-26 00:00:00
nessus
nessus
RHEL 5 : firefox (RHSA-2010:0556)
2010-07-28 00:00:00
RHEL 3 / 4 : seamonkey (RHSA-2010:0557)
2010-07-28 00:00:00
Oracle Linux 3 / 4 : seamonkey (ELSA-2010-0557)
2013-07-12 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:46:26
mozilla
mozilla
Dangling pointer crash regression from plugin parameter array fix — Mozilla
2010-07-20 00:00:00
cvelist
cvelist
CVE-2010-2755
2010-07-29 18:00:00
redhat
redhat
(RHSA-2010:0556) Critical: firefox security update
2010-07-23 00:00:00
(RHSA-2010:0558) Critical: firefox security update
2010-07-23 00:00:00
(RHSA-2010:0557) Critical: seamonkey security update
2010-07-23 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-48
2010-07-24 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2010-07-24 00:00:00
centos
centos
firefox, xulrunner security update
2010-07-27 09:39:16
seamonkey security update
2010-07-27 14:23:17
firefox security update
2010-08-06 23:21:00
freebsd
freebsd
firefox -- Dangling pointer crash regression from plugin parameter array fix
2010-07-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox Plugin Parameter Array Dangling Pointer (CVE-2010-2755)
2010-08-29 00:00:00
cve
cve
CVE-2010-2755
2010-07-30 13:26:00
ubuntucve
ubuntucve
CVE-2010-2755
2010-07-24 00:00:00
prion
prion
Memory corruption
2010-07-30 13:26:00
ubuntu
ubuntu
Firefox and Xulrunner vulnerability
2010-07-26 00:00:00
Firefox and Xulrunner vulnerability
2010-07-26 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2010-07-30 13:10:04
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00