Launchpad CVE tracker

CVE 2010-3131

Untrusted search path vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Windows XP allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .htm, .html, .jtx, .mfp, or .eml file.

Related bugs and status

CVE-2010-3131 (Candidate) is related to these bugs:

Bug #593571: The file jar:file:///usr/lib/seamonkey-2.0.4/chrome/messenger.jar!/content/messenger/am-newsblog.xul cannot be found. Please check the location and try again.

Summary				In	Importance	Status
	593571	The file jar:file:///usr/lib/seamonkey-2.0.4/chrome/messenger.jar!/content/messenger/am-newsblog.xul cannot be found. Please check the location and try again.		seamonkey (Ubuntu)	Medium	Fix Released
	593571	The file jar:file:///usr/lib/seamonkey-2.0.4/chrome/messenger.jar!/content/messenger/am-newsblog.xul cannot be found. Please check the location and try again.		seamonkey (Ubuntu Lucid)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-3131

References