CVE-2010-3765

Vulnerability Description

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• http://blog.mozilla.com/security/2010/10/26/critical-vulnerability-in-firefox-3-Vendor Advisory
• http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefoxBroken Link
• http://isc.sans.edu/diary.html?storyid=9817Press/Media Coverage
• http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.hThird Party Advisory
• http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.htThird Party Advisory
• http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.htThird Party Advisory
• http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.htThird Party Advisory
• http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_sourProduct
• http://secunia.com/advisories/41761Vendor Advisory
• http://secunia.com/advisories/41965Vendor Advisory
• http://secunia.com/advisories/41966Vendor Advisory
• http://secunia.com/advisories/41969Vendor Advisory
• http://secunia.com/advisories/41975Vendor Advisory
• http://secunia.com/advisories/42003Vendor Advisory
• http://secunia.com/advisories/42008Vendor Advisory