National Vulnerability Database (NVD) National Vulnerability Database (CVE-2010-0160)

National Cyber Awareness System

Vulnerability Summary for CVE-2010-0160

Original release date:02/22/2010

Last revised:08/21/2010

Source: US-CERT/NIST

Overview

The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:10.0 (HIGH) (AV:N/AC:L/Au:N/C:C/I:C/A:C) (legend)

Impact Subscore: 10.0

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

**NOTE: Access Complexity scored Low due to insufficient information

Authentication: Not required to exploit

Impact Type:Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: VUPEN

Name: ADV-2010-0405

Type: Advisory; Patch Information

Hyperlink:http://www.vupen.com/english/advisories/2010/0405

External Source: CONFIRM

Name: https://bugzilla.mozilla.org/show_bug.cgi?id=534051

Hyperlink:https://bugzilla.mozilla.org/show_bug.cgi?id=534051

External Source: CONFIRM

Name: https://bugzilla.mozilla.org/show_bug.cgi?id=533000

Hyperlink:https://bugzilla.mozilla.org/show_bug.cgi?id=533000

External Source: CONFIRM

Name: https://bugzilla.mozilla.org/show_bug.cgi?id=531222

Hyperlink:https://bugzilla.mozilla.org/show_bug.cgi?id=531222

External Source: XF

Name: mozilla-webworkers-code-execution(56360)

Hyperlink:http://xforce.iss.net/xforce/xfdb/56360

External Source: MISC

Name: http://www.zerodayinitiative.com/advisories/ZDI-10-046

Hyperlink:http://www.zerodayinitiative.com/advisories/ZDI-10-046

External Source: UBUNTU

Name: USN-896-1

Hyperlink:http://www.ubuntu.com/usn/USN-896-1

External Source: UBUNTU

Name: USN-895-1

Hyperlink:http://www.ubuntu.com/usn/USN-895-1

External Source: BUGTRAQ

Name: 20100402 ZDI-10-046: Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/510533/100/0/threaded

External Source: REDHAT

Name: RHSA-2010:0112

Hyperlink:http://www.redhat.com/support/errata/RHSA-2010-0112.html

External Source: CONFIRM

Name: http://www.mozilla.org/security/announce/2010/mfsa2010-02.html

Type: Advisory

Hyperlink:http://www.mozilla.org/security/announce/2010/mfsa2010-02.html

External Source: MANDRIVA

Name: MDVSA-2010:042

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2010:042

External Source: DEBIAN

Name: DSA-1999

Hyperlink:http://www.debian.org/security/2010/dsa-1999

External Source: SECUNIA

Name: 38847

Hyperlink:http://secunia.com/advisories/38847

External Source: SECUNIA

Name: 37242

Type: Advisory

Hyperlink:http://secunia.com/advisories/37242

External Source: OVAL

Name: oval:org.mitre.oval:def:8465

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8465

External Source: OVAL

Name: oval:org.mitre.oval:def:11166

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11166

External Source: SUSE

Name: SUSE-SA:2010:015

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html

External Source: FEDORA

Name: FEDORA-2010-1727

Hyperlink:http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.html

External Source: FEDORA

Name: FEDORA-2010-1936

Hyperlink:http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.html

External Source: FEDORA

Name: FEDORA-2010-1932

Hyperlink:http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.html

References to Check Content

Identifier:oval:org.mitre.oval:def:11166

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11166

Identifier:oval:org.mitre.oval:def:8465

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:8465

Vulnerable software and versions

Configuration 1

* cpe:/a:mozilla:firefox:3.0.17 and previous versions

* cpe:/a:mozilla:firefox:3.0.15

* cpe:/a:mozilla:firefox:3.0.16

* cpe:/a:mozilla:firefox:3.0.14

* cpe:/a:mozilla:firefox:3.0.13

* cpe:/a:mozilla:firefox:3.0.12

* cpe:/a:mozilla:firefox:3.0.11

* cpe:/a:mozilla:firefox:3.0.10

* cpe:/a:mozilla:firefox:3.0.9

* cpe:/a:mozilla:firefox:3.0.8

* cpe:/a:mozilla:firefox:3.0.7

* cpe:/a:mozilla:firefox:3.0.6

* cpe:/a:mozilla:firefox:3.0.5

* cpe:/a:mozilla:firefox:3.0.4

* cpe:/a:mozilla:firefox:3.0.3

* cpe:/a:mozilla:firefox:3.0.2

* cpe:/a:mozilla:firefox:3.0.1

* cpe:/a:mozilla:firefox:3.0

* cpe:/a:mozilla:firefox:3.5

* cpe:/a:mozilla:firefox:3.5.1

* cpe:/a:mozilla:firefox:3.5.2

* cpe:/a:mozilla:firefox:3.5.3

* cpe:/a:mozilla:firefox:3.5.4

* cpe:/a:mozilla:firefox:3.5.5

* cpe:/a:mozilla:firefox:3.5.6

* cpe:/a:mozilla:firefox:3.5.7

Configuration 2

* cpe:/a:mozilla:seamonkey:2.0.2 and previous versions

* cpe:/a:mozilla:seamonkey:2.0.1

* cpe:/a:mozilla:seamonkey:2.0

* cpe:/a:mozilla:seamonkey:2.0:rc2

* cpe:/a:mozilla:seamonkey:2.0:rc1

* cpe:/a:mozilla:seamonkey:2.0:beta_2

* cpe:/a:mozilla:seamonkey:2.0:beta_1

* cpe:/a:mozilla:seamonkey:2.0:alpha_3

* cpe:/a:mozilla:seamonkey:2.0:alpha_2

* cpe:/a:mozilla:seamonkey:2.0:alpha_1

* cpe:/a:mozilla:seamonkey:1.1.17

* cpe:/a:mozilla:seamonkey:1.1.16

* cpe:/a:mozilla:seamonkey:1.1.15

* cpe:/a:mozilla:seamonkey:1.1.14

* cpe:/a:mozilla:seamonkey:1.1.13

* cpe:/a:mozilla:seamonkey:1.1.12

* cpe:/a:mozilla:seamonkey:1.1.11

* cpe:/a:mozilla:seamonkey:1.1.10

* cpe:/a:mozilla:seamonkey:1.0.9

* cpe:/a:mozilla:seamonkey:1.0.8

* cpe:/a:mozilla:seamonkey:1.0.7

* cpe:/a:mozilla:seamonkey:1.0.6

* cpe:/a:mozilla:seamonkey:1.0.5

* cpe:/a:mozilla:seamonkey:1.0.4

* cpe:/a:mozilla:seamonkey:1.0.3

* cpe:/a:mozilla:seamonkey:1.0.2

* cpe:/a:mozilla:seamonkey:1.0.1

* cpe:/a:mozilla:seamonkey:1.0

* cpe:/a:mozilla:seamonkey:1.0:beta

* cpe:/a:mozilla:seamonkey:1.0:alpha

* cpe:/a:mozilla:seamonkey:1.1.9

* cpe:/a:mozilla:seamonkey:1.1.8

* cpe:/a:mozilla:seamonkey:1.1.7

* cpe:/a:mozilla:seamonkey:1.1.6

* cpe:/a:mozilla:seamonkey:1.1.5

* cpe:/a:mozilla:seamonkey:1.1.4

* cpe:/a:mozilla:seamonkey:1.1.3

* cpe:/a:mozilla:seamonkey:1.1.2

* cpe:/a:mozilla:seamonkey:1.1.1

* cpe:/a:mozilla:seamonkey:1.1

* cpe:/a:mozilla:seamonkey:1.1:beta

* cpe:/a:mozilla:seamonkey:1.1:alpha

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Resource Management Errors (CWE-399)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0160