CVE-2010-0159

The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.
Severity
UNKNOWN
AV:N/AC:L/Au:N/C:C/I:C/A:C
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
mozillafirefox
3.0 ≤
𝑥
< 3.0.18
mozillafirefox
3.5 ≤
𝑥
< 3.5.8
mozillaseamonkey
𝑥
< 2.0.3
mozillathunderbird
𝑥
< 3.0.2
debiandebian_linux
5.0
canonicalubuntu_linux
8.04
canonicalubuntu_linux
8.10
canonicalubuntu_linux
9.04
canonicalubuntu_linux
9.10
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
lucid
not-affected
karmic
dne
jaunty
dne
intrepid
dne
hardy
not-affected
dapper
ignored
mozilla-thunderbird
lucid
dne
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
dapper
ignored
seamonkey
lucid
Fixed 2.0.8+build1+nobinonly-0ubuntu0.10.04.1
released
karmic
Fixed 2.0.8+build1+nobinonly-0ubuntu0.9.10.1
released
jaunty
Fixed 2.0.8+build1+nobinonly-0ubuntu0.9.04.1
released
intrepid
ignored
hardy
Fixed 2.0.8+build1+nobinonly-0ubuntu0.8.04.1
released
dapper
dne
thunderbird
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
dapper
dne
xulrunner-1.9
lucid
dne
karmic
dne
jaunty
Fixed 1.9.0.18+build1+nobinonly-0ubuntu0.9.04.1
released
intrepid
Fixed 1.9.0.18+build1+nobinonly-0ubuntu0.8.10.1
released
hardy
Fixed 1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1
released
dapper
dne
xulrunner-1.9.1
lucid
dne
karmic
Fixed 1.9.1.8+build1+nobinonly-0ubuntu0.9.10.1
released
jaunty
Fixed 1.9.1.8+build1+nobinonly-0ubuntu0.9.04.1
released
intrepid
dne
hardy
dne
dapper
dne
References