Launchpad CVE tracker

CVE 2010-2760

Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a "dangling pointer vulnerability." NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.

Related bugs and status

CVE-2010-2760 (Candidate) is related to these bugs:

Bug #469752: firefox,3.5/3.6 startup-notification bug

		In	Importance	Status
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Ubuntu)	Medium	Invalid
469752	firefox,3.5/3.6 startup-notification bug	Mozilla Firefox	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Suse)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox (Ubuntu)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox (Ubuntu Lucid)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Ubuntu Lucid)	Medium	Invalid

Bug #593571: The file jar:file:///usr/lib/seamonkey-2.0.4/chrome/messenger.jar!/content/messenger/am-newsblog.xul cannot be found. Please check the location and try again.

Summary				In	Importance	Status
	593571	The file jar:file:///usr/lib/seamonkey-2.0.4/chrome/messenger.jar!/content/messenger/am-newsblog.xul cannot be found. Please check the location and try again.		seamonkey (Ubuntu)	Medium	Fix Released
	593571	The file jar:file:///usr/lib/seamonkey-2.0.4/chrome/messenger.jar!/content/messenger/am-newsblog.xul cannot be found. Please check the location and try again.		seamonkey (Ubuntu Lucid)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-2760

References