← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

PublicDateAtUSN: 2010-07-23
Candidate: CVE-2010-1212
PublicDate: 2010-07-30
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1212
 http://www.ubuntu.com/usn/usn-930-4
 http://www.ubuntu.com/usn/usn-957-1
 http://www.ubuntu.com/usn/usn-958-1
Description:
 js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before
 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a
 denial of service (memory corruption and application crash) or possibly
 execute arbitrary code via vectors related to (1) propagation of deep
 aborts in the TraceRecorder::record_JSOP_BINDNAME function, (2) depth
 handling in the TraceRecorder::record_JSOP_GETELEM function, and (3)
 tracing of out-of-range arguments in the TraceRecorder::record_JSOP_ARGSUB
 function.
Ubuntu-Description: 
Notes: 
 jdstrand> CVEs in Firefox are tracked in the xulrunner source packages for
  builds that use the system xulrunner, and firefox source packages for those
  that use a static build
   xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS (system xul)
   xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS (system xul)
   xulrunner-1.9: (ignored) reverse dependencies no longer process web content
   xulrunner-1.9.1: (ignored) reverese dependencies no longer process web content
   xulrunner-1.9.2: system xul for reverese dependencies that process web content
   firefox: Ubuntu 6.06 LTS (static build)
   firefox: Ubuntu 10.04 LTS and higher (static build of 3.6.x or higher)
   firefox-3.0: Ubuntu 8.04 LTS, 9.04 (static build of 3.6.x)
   firefox-3.5: Ubuntu 9.04 (ignored, uses system xul 1.9.1. Use 3.0 instead)
   firefox-3.5: Ubuntu 9.10 (static build of 3.6.x)
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: 

Patches_firefox:
upstream_firefox: needs-triage
dapper_firefox: ignored (reached end-of-life)
hardy_firefox: ignored (uses system xulrunner)
jaunty_firefox: DNE
karmic_firefox: DNE
lucid_firefox: released (3.6.7+build2+nobinonly-0ubuntu0.10.04.1)
devel_firefox: released (3.6.7+build2+nobinonly-0ubuntu1)

Patches_firefox-3.0:
upstream_firefox-3.0: needs-triage (Ubuntu source uses 3.6.x)
dapper_firefox-3.0: DNE
hardy_firefox-3.0: released (3.6.7+build2+nobinonly-0ubuntu0.8.04.1)
jaunty_firefox-3.0: released (3.6.7+build2+nobinonly-0ubuntu0.9.04.1)
karmic_firefox-3.0: DNE
lucid_firefox-3.0: DNE
devel_firefox-3.0: DNE

Patches_firefox-3.5:
upstream_firefox-3.5: needs-triage (Ubuntu source uses 3.6.x)
dapper_firefox-3.5: DNE
hardy_firefox-3.5: DNE
jaunty_firefox-3.5: ignored
karmic_firefox-3.5: released (3.6.7+build2+nobinonly-0ubuntu0.9.10.1)
lucid_firefox-3.5: DNE
devel_firefox-3.5: DNE


Patches_xulrunner-1.9.2:
upstream_xulrunner-1.9.2: needs-triage
dapper_xulrunner-1.9.2: DNE
hardy_xulrunner-1.9.2: released (1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2)
jaunty_xulrunner-1.9.2: released (1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2)
karmic_xulrunner-1.9.2: released (1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2)
lucid_xulrunner-1.9.2: released (1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1)
devel_xulrunner-1.9.2: released (1.9.2.7+build2+nobinonly-0ubuntu1)