1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
|
PublicDateAtUSN: 2010-07-23
Candidate: CVE-2010-2752
PublicDate: 2010-07-30
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2752
http://www.ubuntu.com/usn/usn-930-4
http://www.ubuntu.com/usn/usn-957-1
http://www.ubuntu.com/usn/usn-958-1
Description:
Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11
and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before
3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute
arbitrary code by placing many Cascading Style Sheets (CSS) values in an
array, related to references to external font resources and an
inconsistency between 16-bit and 32-bit integers.
Ubuntu-Description:
Notes:
jdstrand> CVEs in Firefox are tracked in the xulrunner source packages for
builds that use the system xulrunner, and firefox source packages for those
that use a static build
xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS (system xul)
xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS (system xul)
xulrunner-1.9: (ignored) reverse dependencies no longer process web content
xulrunner-1.9.1: (ignored) reverese dependencies no longer process web content
xulrunner-1.9.2: system xul for reverese dependencies that process web content
firefox: Ubuntu 6.06 LTS (static build)
firefox: Ubuntu 10.04 LTS and higher (static build of 3.6.x or higher)
firefox-3.0: Ubuntu 8.04 LTS, 9.04 (static build of 3.6.x)
firefox-3.5: Ubuntu 9.04 (ignored, uses system xul 1.9.1. Use 3.0 instead)
firefox-3.5: Ubuntu 9.10 (static build of 3.6.x)
Bugs:
Priority: medium
Discovered-by:
Assigned-to: chriscoulson
Patches_firefox:
upstream_firefox: needs-triage
dapper_firefox: ignored (reached end-of-life)
hardy_firefox: ignored (uses system xulrunner)
jaunty_firefox: DNE
karmic_firefox: DNE
lucid_firefox: released (3.6.7+build2+nobinonly-0ubuntu0.10.04.1)
maverick_firefox: released (3.6.7+build2+nobinonly-0ubuntu1)
natty_firefox: released (3.6.7+build2+nobinonly-0ubuntu1)
devel_firefox: released (3.6.7+build2+nobinonly-0ubuntu1)
Patches_firefox-3.0:
upstream_firefox-3.0: needs-triage (Ubuntu source uses 3.6.x)
dapper_firefox-3.0: DNE
hardy_firefox-3.0: released (3.6.7+build2+nobinonly-0ubuntu0.8.04.1)
jaunty_firefox-3.0: released (3.6.7+build2+nobinonly-0ubuntu0.9.04.1)
karmic_firefox-3.0: DNE
lucid_firefox-3.0: DNE
maverick_firefox-3.0: DNE
natty_firefox-3.0: DNE
devel_firefox-3.0: DNE
Patches_firefox-3.5:
upstream_firefox-3.5: needs-triage (Ubuntu source uses 3.6.x)
dapper_firefox-3.5: DNE
hardy_firefox-3.5: DNE
jaunty_firefox-3.5: ignored
karmic_firefox-3.5: released (3.6.7+build2+nobinonly-0ubuntu0.9.10.1)
lucid_firefox-3.5: DNE
maverick_firefox-3.5: DNE
natty_firefox-3.5: DNE
devel_firefox-3.5: DNE
Patches_xulrunner-1.9.2:
upstream_xulrunner-1.9.2: needs-triage
dapper_xulrunner-1.9.2: DNE
hardy_xulrunner-1.9.2: released (1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2)
jaunty_xulrunner-1.9.2: released (1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2)
karmic_xulrunner-1.9.2: released (1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2)
lucid_xulrunner-1.9.2: released (1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1)
maverick_xulrunner-1.9.2: released (1.9.2.7+build2+nobinonly-0ubuntu1)
natty_xulrunner-1.9.2: released (1.9.2.7+build2+nobinonly-0ubuntu1)
devel_xulrunner-1.9.2: released (1.9.2.7+build2+nobinonly-0ubuntu1)
Patches_thunderbird:
Priority_thunderbird: low
upstream_thunderbird: released (3.0.6)
dapper_thunderbird: DNE
hardy_thunderbird: ignored (reached end-of-life)
jaunty_thunderbird: ignored (reached end-of-life)
karmic_thunderbird: ignored (reached end-of-life)
lucid_thunderbird: released (3.0.6+build2+nobinonly-0ubuntu0.10.04.1)
maverick_thunderbird: released (3.1.3+build1+nobinonly-0ubuntu1)
natty_thunderbird: released (3.1.3+build1+nobinonly-0ubuntu1)
devel_thunderbird: released (3.1.3+build1+nobinonly-0ubuntu1)
|