Bug 615458 (CVE-2010-1208)

Summary:	CVE-2010-1208 Mozilla DOM attribute cloning remote code execution vulnerability
Product:	[Other] Security Response	Reporter:	Josh Bressers <bressers>
Component:	vulnerability	Assignee:	Red Hat Product Security <security-response-team>
Status:	CLOSED ERRATA	QA Contact:
Severity:	urgent	Docs Contact:
Priority:	urgent
Version:	unspecified	CC:	gecko-bugs-nobody, jhorak, jlieskov, security-response-team, stransky, vdanen
Target Milestone:	---	Keywords:	Security
Target Release:	---
Hardware:	All
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2013-04-12 19:00:31 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Josh Bressers 2010-07-16 19:13:06 UTC

Security researcher regenrecht reported via TippingPoint's Zero Day
Initiative an error in the DOM attribute cloning routine where under
certain circumstances an event attribute node can be deleted while another
object still contains a reference to it. This reference could subsequently
be accessed, potentially causing the execution of attacker controlled
memory.

Comment 1 Vincent Danen 2010-07-21 00:04:25 UTC

This is now public: http://www.mozilla.org/security/announce/2010/mfsa2010-35.html

Comment 2 errata-xmlrpc 2010-07-21 01:09:31 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 4
  Red Hat Enterprise Linux 5

Via RHSA-2010:0547 https://rhn.redhat.com/errata/RHSA-2010-0547.html

Comment 3 Fedora Update System 2010-07-23 02:30:21 UTC

seamonkey-2.0.6-1.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 4 Fedora Update System 2010-07-23 02:35:49 UTC

xulrunner-1.9.2.7-1.fc13, firefox-3.6.7-1.fc13, mozvoikko-1.0-12.fc13, gnome-web-photo-0.9-10.fc13, perl-Gtk2-MozEmbed-0.08-6.fc13.15, gnome-python2-extras-2.25.3-20.fc13, galeon-2.0.7-30.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 5 Fedora Update System 2010-07-23 02:42:08 UTC

seamonkey-2.0.6-1.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 6 Fedora Update System 2010-07-23 02:45:49 UTC

xulrunner-1.9.1.11-1.fc12, firefox-3.5.11-1.fc12, gnome-web-photo-0.9-8.fc12, mozvoikko-1.0-11.fc12, perl-Gtk2-MozEmbed-0.08-6.fc12.14, gnome-python2-extras-2.25.3-19.fc12, galeon-2.0.7-24.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.