CVE-2010-1121

Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*

Information

Published : 2010-03-25 14:00

Updated : 2017-09-18 18:30


NVD link : CVE-2010-1121

Mitre link : CVE-2010-1121


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

mozilla

  • firefox