Back to search
CVE-2010-0164
Published: Mar 25, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace animation in which the frames have different bits-per-pixel (bpp) values.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
38921
vdb-entry
x_refsource_BID
38918
vdb-entry
x_refsource_BID
http://www.zerodayinitiative.com/advisories/ZDI-10-047
x_refsource_MISC
MDVSA-2010:070
vendor-advisory
x_refsource_MANDRIVA
https://bugzilla.mozilla.org/show_bug.cgi?id=547143
x_refsource_CONFIRM
ADV-2010-0692
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:8703
vdb-entry
signature
x_refsource_OVAL
http://www.mozilla.org/security/announce/2010/mfsa2010-09.html
x_refsource_CONFIRM
20100402 ZDI-10-047: Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now