CVE-2010-3168 | Ubuntu

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
firefox	11.04 natty	Fixed 3.6.9+build1+nobinonly-0ubuntu1
	10.10 maverick	Fixed 3.6.9+build1+nobinonly-0ubuntu1
	10.04 LTS lucid	Fixed 3.6.9+build1+nobinonly-0ubuntu0.10.04.1
	9.10 karmic	Not in release
	9.04 jaunty	Not in release
	8.04 LTS hardy	Ignored
	6.06 LTS dapper	Ignored
firefox-3.0	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Not in release
	9.10 karmic	Not in release
	9.04 jaunty	Fixed 3.6.9+build1+nobinonly-0ubuntu0.9.04.1
	8.04 LTS hardy	Fixed 3.6.9+build1+nobinonly-0ubuntu0.8.04.1
	6.06 LTS dapper	Not in release
firefox-3.5	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Not in release
	9.10 karmic	Fixed 3.6.9+build1+nobinonly-0ubuntu0.9.10.2
	9.04 jaunty	Fixed 3.5.12+build1+nobinonly-0ubuntu0.9.04.1
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release
seamonkey	11.04 natty	Fixed 2.0.7+build1+nobinonly-0ubuntu1
	10.10 maverick	Fixed 2.0.7+build1+nobinonly-0ubuntu1
	10.04 LTS lucid	Fixed 2.0.7+build1+nobinonly-0ubuntu0.10.04.1
	9.10 karmic	Fixed 2.0.8+build1+nobinonly-0ubuntu0.9.10.1
	9.04 jaunty	Fixed 2.0.8+build1+nobinonly-0ubuntu0.9.04.1
	8.04 LTS hardy	Fixed 2.0.8+build1+nobinonly-0ubuntu0.8.04.1
	6.06 LTS dapper	Not in release
thunderbird	11.04 natty	Fixed 3.1.3+build1+nobinonly-0ubuntu1
	10.10 maverick	Fixed 3.1.3+build1+nobinonly-0ubuntu1
	10.04 LTS lucid	Fixed 3.0.7+build1+nobinonly-0ubuntu0.10.04.1
	9.10 karmic	Ignored
	9.04 jaunty	Ignored
	8.04 LTS hardy	Ignored
	6.06 LTS dapper	Not in release
xulrunner-1.9.1	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Not in release
	9.10 karmic	Fixed 1.9.1.12+build1+nobinonly-0ubuntu0.9.10.2
	9.04 jaunty	Fixed 1.9.1.12+build1+nobinonly-0ubuntu0.9.04.1
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release
xulrunner-1.9.2	11.04 natty	Fixed 1.9.2.9+build1+nobinonly-0ubuntu1
	10.10 maverick	Fixed 1.9.2.9+build1+nobinonly-0ubuntu1
	10.04 LTS lucid	Fixed 1.9.2.9+build1+nobinonly-0ubuntu0.10.04.1
	9.10 karmic	Fixed 1.9.2.9+build1+nobinonly-0ubuntu0.9.10.1
	9.04 jaunty	Fixed 1.9.2.9+build1+nobinonly-0ubuntu0.9.04.1
	8.04 LTS hardy	Fixed 1.9.2.9+build1+nobinonly-0ubuntu0.8.04.1
	6.06 LTS dapper	Not in release

Notes

jdstrand

CVEs in Firefox are tracked in the xulrunner source packages for builds that use the system xulrunner, and firefox source packages for those that use a static build xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS (system xul) xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS (system xul) xulrunner-1.9: (ignored) reverse dependencies no longer process web content xulrunner-1.9.1: (ignored) reverese dependencies no longer process web content xulrunner-1.9.2: system xul for reverese dependencies that process web content firefox: Ubuntu 6.06 LTS (static build) firefox: Ubuntu 10.04 LTS and higher (static build of 3.6.x or higher) firefox-3.0: Ubuntu 8.04 LTS, 9.04 (static build of 3.6.x) firefox-3.5: Ubuntu 9.04 (ignored, uses system xul 1.9.1. Use 3.0 instead) firefox-3.5: Ubuntu 9.10 (static build of 3.6.x)

References

Related Ubuntu Security Notices (USN)

USN-975-1
Firefox and Xulrunner vulnerabilities
8 September 2010

USN-978-1
Thunderbird vulnerabilities
8 September 2010

Other references

https://www.cve.org/CVERecord?id=CVE-2010-3168