{
  "threat_severity" : "Critical",
  "public_date" : "2010-02-17T00:00:00Z",
  "bugzilla" : {
    "description" : "Mozilla implementation of Web Workers can lead to crash with evidence of memory corruption (MFSA 2010-02)",
    "id" : "566049",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=566049"
  },
  "cvss" : {
    "cvss_base_score" : "6.8",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "status" : "verified"
  },
  "details" : [ "The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "release_date" : "2010-02-17T00:00:00Z",
    "advisory" : "RHSA-2010:0112",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4",
    "package" : "firefox-0:3.0.18-1.el4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2010-02-17T00:00:00Z",
    "advisory" : "RHSA-2010:0112",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "firefox-0:3.0.18-1.el5_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2010-02-17T00:00:00Z",
    "advisory" : "RHSA-2010:0112",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "xulrunner-0:1.9.0.18-1.el5_4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2010-0160\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-0160" ],
  "name" : "CVE-2010-0160",
  "csaw" : false
}