Description

The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

References

http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.html

http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html

http://secunia.com/advisories/37242

http://secunia.com/advisories/38847

http://www.debian.org/security/2010/dsa-1999

http://www.mandriva.com/security/advisories?name=MDVSA-2010:042

http://www.mozilla.org/security/announce/2010/mfsa2010-02.html

http://www.redhat.com/support/errata/RHSA-2010-0112.html

http://www.securityfocus.com/archive/1/510533/100/0/threaded

http://www.ubuntu.com/usn/USN-895-1

http://www.ubuntu.com/usn/USN-896-1

http://www.vupen.com/english/advisories/2010/0405

http://www.zerodayinitiative.com/advisories/ZDI-10-046

https://bugzilla.mozilla.org/show_bug.cgi?id=531222

https://bugzilla.mozilla.org/show_bug.cgi?id=533000

https://bugzilla.mozilla.org/show_bug.cgi?id=534051

https://exchange.xforce.ibmcloud.com/vulnerabilities/56360

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11166

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8465

Details

Risk Information

CVSS v2