CVE-2010-0165 : The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the bro

The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors involving certain indirect calls to the JavaScript eval function.

Published 2010-03-25 21:00:00

Updated 2025-04-11 00:51:22

Source MITRE

View at NVD, CVE.org

Vulnerability category: Memory CorruptionExecute codeDenial of service

Products affected by CVE-2010-0165

Mozilla » Firefox » Version: 3.6
cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2010-0165

EPSS FAQ

3.38%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 86 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2010-0165

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2010-0165

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2010-0165

https://bugzilla.mozilla.org/show_bug.cgi?id=542849

542849 - (CVE-2010-0165) Assertion failure: targetObj == globalObj in TraceRecorder::traverseScopeChain
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8472

Repository / Oval Repository
http://www.mandriva.com/security/advisories?name=MDVSA-2010:070

mandriva.com

CVEs referencing this url
http://www.mozilla.org/security/announce/2010/mfsa2010-11.html

Crashes with evidence of memory corruption (rv:1.9.2.2/ 1.9.1.8/ 1.9.0.18) — Mozilla
Vendor Advisory

CVEs referencing this url
http://www.vupen.com/english/advisories/2010/0692

Webmail | OVH- OVH

CVEs referencing this url
http://www.securityfocus.com/bid/38918

RETIRED: Mozilla Firefox Thunderbird and Seamonkey MFSA 2010-09 through -15 Multiple Vulnerabilities

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2010-0165

Products affected by CVE-2010-0165

Exploit prediction scoring system (EPSS) score for CVE-2010-0165

CVSS scores for CVE-2010-0165

CWE ids for CVE-2010-0165

References for CVE-2010-0165