Red Hat Customer Portal

Skip to main content

CVE-2010-1198

Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.

Details Source

Mitre

Public Date

2010-06-22 00:00:00

Impact

Critical

Bugzilla

CVE-2010-1198 Mozilla Freed object reuse across plugin instances

Bugzilla ID

590 828

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (firefox) RHSA-2010:0500 2010-06-22
Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server) (thunderbird) RHSA-2010:0545 2010-07-21
Red Hat Enterprise Linux 5 (firefox) RHSA-2010:0501 2010-06-22
Red Hat Enterprise Linux 5 (thunderbird) RHSA-2010:0545 2010-07-21
Red Hat Enterprise Linux 3 (seamonkey) RHSA-2010:0499 2010-06-22
Red Hat Enterprise Linux 4 (seamonkey) RHSA-2010:0499 2010-06-22
Red Hat Enterprise Linux 4 (thunderbird) RHSA-2010:0544 2010-07-21

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 firefox Affected