Launchpad.net

CVE 2010-3765

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.

Related bugs and status

CVE-2010-3765 (Candidate) is related to these bugs:

Bug #469752: firefox,3.5/3.6 startup-notification bug

		In	Importance	Status
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Ubuntu)	Medium	Invalid
469752	firefox,3.5/3.6 startup-notification bug	Mozilla Firefox	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Suse)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox (Ubuntu)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox (Ubuntu Lucid)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Ubuntu Lucid)	Medium	Invalid

See the

CVE page on Mitre.org for more details.

References

MISC: http://isc.sans.edu/di...
MISC: http://www.norman.com/...
MISC: http://www.norman.com/...
CONFIRM: http://blog.mozilla.co...
CONFIRM: https://bugzilla.mozil...
CONFIRM: https://bugzilla.redha...
MISC: https://bugzilla.mozil...
FEDORA: FEDORA-2010-17105
MANDRIVA: MDVSA-2010:213
MANDRIVA: MDVSA-2010:219
VUPEN: ADV-2010-2871
REDHAT: RHSA-2010:0809
REDHAT: RHSA-2010:0810
CONFIRM: http://www.mozilla.org...
FEDORA: FEDORA-2010-16883
REDHAT: RHSA-2010:0808
REDHAT: RHSA-2010:0812
UBUNTU: USN-1011-3
SECTRACK: 1024650
SECTRACK: 1024651
SECUNIA: 41966
SECUNIA: 41969
SECUNIA: 42008
SECUNIA: 42043
VUPEN: ADV-2010-2837
VUPEN: ADV-2010-2857
VUPEN: ADV-2010-2864
CONFIRM: http://support.avaya.c...
CONFIRM: http://support.avaya.c...
UBUNTU: USN-1011-1
BID: 44425
SECTRACK: 1024645
SECUNIA: 41761
SECUNIA: 41965
SECUNIA: 41975
SECUNIA: 42003
REDHAT: RHSA-2010:0861
REDHAT: RHSA-2010:0896
FEDORA: FEDORA-2010-16885
FEDORA: FEDORA-2010-16897
CONFIRM: http://blogs.sun.com/s...
EXPLOIT-DB: 15341
EXPLOIT-DB: 15342
EXPLOIT-DB: 15352
DEBIAN: DSA-2124
UBUNTU: USN-1011-2
SECUNIA: 42867
VUPEN: ADV-2011-0061
MISC: http://norman.com/abou...
SLACKWARE: SSA:2010-305-01
OVAL: oval:org.mitre.oval:de...