Launchpad CVE tracker

CVE 2010-2766

The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code via vectors involving access to a deleted object.

Related bugs and status

CVE-2010-2766 (Candidate) is related to these bugs:

Bug #469752: firefox,3.5/3.6 startup-notification bug

		In	Importance	Status
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Ubuntu)	Medium	Invalid
469752	firefox,3.5/3.6 startup-notification bug	Mozilla Firefox	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Suse)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox (Ubuntu)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox (Ubuntu Lucid)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Ubuntu Lucid)	Medium	Invalid

Bug #593571: The file jar:file:///usr/lib/seamonkey-2.0.4/chrome/messenger.jar!/content/messenger/am-newsblog.xul cannot be found. Please check the location and try again.

Summary				In	Importance	Status
	593571	The file jar:file:///usr/lib/seamonkey-2.0.4/chrome/messenger.jar!/content/messenger/am-newsblog.xul cannot be found. Please check the location and try again.		seamonkey (Ubuntu)	Medium	Fix Released
	593571	The file jar:file:///usr/lib/seamonkey-2.0.4/chrome/messenger.jar!/content/messenger/am-newsblog.xul cannot be found. Please check the location and try again.		seamonkey (Ubuntu Lucid)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-2766

References