The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability."
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-09-09T18:00:00

Updated: 2024-08-07T03:03:17.938Z

Reserved: 2010-08-27T00:00:00

Link: CVE-2010-3167

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2010-09-09T19:00:02.670

Modified: 2024-11-21T01:18:10.963

Link: CVE-2010-3167

cve-icon Redhat

Severity : Critical

Publid Date: 2010-09-07T00:00:00Z

Links: CVE-2010-3167 - Bugzilla