The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 up to and including 3.5.11, 3.6.4 up to and including 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which makes it easier for remote malicious users to guess the seed value via a brute-force attack, a different vulnerability than CVE-2010-3171.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 4.0 |
||
mozilla firefox 3.6.8 |
||
mozilla firefox 3.6.7 |
||
mozilla firefox 3.5.10 |
||
mozilla firefox 3.5.11 |
||
mozilla firefox 3.6.6 |
||
mozilla firefox 3.6.4 |