CVE-2010-1203

The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
mozillafirefox
3.6
mozillafirefox
3.6.2
mozillafirefox
3.6.3
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
oneiric
Fixed 3.6.7+build2+nobinonly-0ubuntu1
released
natty
Fixed 3.6.7+build2+nobinonly-0ubuntu1
released
maverick
Fixed 3.6.7+build2+nobinonly-0ubuntu1
released
lucid
Fixed 3.6.6+nobinonly-0ubuntu0.10.04.1
released
karmic
dne
jaunty
dne
hardy
ignored
dapper
ignored
seamonkey
oneiric
Fixed 2.0.6+build1+nobinonly-0ubuntu1
released
natty
Fixed 2.0.6+build1+nobinonly-0ubuntu1
released
maverick
Fixed 2.0.6+build1+nobinonly-0ubuntu1
released
lucid
Fixed 2.0.6+build1+nobinonly-0ubuntu0.10.04.1
released
karmic
Fixed 2.0.8+build1+nobinonly-0ubuntu0.9.10.1
released
jaunty
Fixed 2.0.8+build1+nobinonly-0ubuntu0.9.04.1
released
hardy
Fixed 2.0.8+build1+nobinonly-0ubuntu0.8.04.1
released
dapper
dne
thunderbird
oneiric
Fixed 3.0.5+build2+nobinonly-0ubuntu1
released
natty
Fixed 3.0.5+build2+nobinonly-0ubuntu1
released
maverick
Fixed 3.0.5+build2+nobinonly-0ubuntu1
released
lucid
Fixed 3.0.5+build2+nobinonly-0ubuntu0.10.04.1
released
karmic
ignored
jaunty
ignored
hardy
ignored
dapper
dne
xulrunner
oneiric
dne
natty
dne
maverick
dne
lucid
dne
karmic
ignored
jaunty
ignored
hardy
ignored
dapper
dne
xulrunner-1.9
oneiric
dne
natty
dne
maverick
dne
lucid
dne
karmic
dne
jaunty
ignored
hardy
ignored
dapper
dne
xulrunner-1.9.1
oneiric
dne
natty
dne
maverick
dne
lucid
dne
karmic
ignored
jaunty
ignored
hardy
dne
dapper
dne
xulrunner-1.9.2
oneiric
dne
natty
Fixed 1.9.2.7+build2+nobinonly-0ubuntu1
released
maverick
Fixed 1.9.2.7+build2+nobinonly-0ubuntu1
released
lucid
Fixed 1.9.2.6+nobinonly-0ubuntu0.10.04.1
released
karmic
Fixed 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2
released
jaunty
Fixed 1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2
released
hardy
Fixed 1.9.2.6+nobinonly-0ubuntu0.8.04.1
released
dapper
dne
References
http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html
http://secunia.com/advisories/40323
http://secunia.com/advisories/40326
http://secunia.com/advisories/40401
http://secunia.com/advisories/40481
http://support.avaya.com/css/P8/documents/100091069
http://ubuntu.com/usn/usn-930-1
http://www.mandriva.com/security/advisories?name=MDVSA-2010:125
http://www.mozilla.org/security/announce/2010/mfsa2010-26.html
http://www.redhat.com/support/errata/RHSA-2010-0500.html
http://www.redhat.com/support/errata/RHSA-2010-0501.html
http://www.securityfocus.com/bid/41050
http://www.securityfocus.com/bid/41099
http://www.securitytracker.com/id?1024138
http://www.securitytracker.com/id?1024139
http://www.ubuntu.com/usn/usn-930-2
http://www.vupen.com/english/advisories/2010/1551
http://www.vupen.com/english/advisories/2010/1557
http://www.vupen.com/english/advisories/2010/1640
http://www.vupen.com/english/advisories/2010/1773
https://bugzilla.mozilla.org/show_bug.cgi?id=546611
https://bugzilla.mozilla.org/show_bug.cgi?id=557946
https://exchange.xforce.ibmcloud.com/vulnerabilities/59662
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10401
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8317
http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html
http://secunia.com/advisories/40323
http://secunia.com/advisories/40326
http://secunia.com/advisories/40401
http://secunia.com/advisories/40481
http://support.avaya.com/css/P8/documents/100091069
http://ubuntu.com/usn/usn-930-1
http://www.mandriva.com/security/advisories?name=MDVSA-2010:125
http://www.mozilla.org/security/announce/2010/mfsa2010-26.html
http://www.redhat.com/support/errata/RHSA-2010-0500.html
http://www.redhat.com/support/errata/RHSA-2010-0501.html
http://www.securityfocus.com/bid/41050
http://www.securityfocus.com/bid/41099
http://www.securitytracker.com/id?1024138
http://www.securitytracker.com/id?1024139
http://www.ubuntu.com/usn/usn-930-2
http://www.vupen.com/english/advisories/2010/1551
http://www.vupen.com/english/advisories/2010/1557
http://www.vupen.com/english/advisories/2010/1640
http://www.vupen.com/english/advisories/2010/1773
https://bugzilla.mozilla.org/show_bug.cgi?id=546611
https://bugzilla.mozilla.org/show_bug.cgi?id=557946
https://exchange.xforce.ibmcloud.com/vulnerabilities/59662
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10401
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8317