Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2010-3399

The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which makes it easier for remote attackers to guess the seed value via a brute-force attack, a different vulnerability than CVE-2010-3171.

  • Published: Sep 15, 2010
  • Updated: Apr 13, 2023
  • CVE: CVE-2010-3399
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

Software From Fixed in
mozilla / firefox 4.0-beta1 4.0-beta1.x
mozilla / firefox 3.5.11 3.5.11.x
mozilla / firefox 3.5.10 3.5.10.x
mozilla / firefox 3.6.8 3.6.8.x
mozilla / firefox 3.6.6 3.6.6.x
mozilla / firefox 3.6.7 3.6.7.x
mozilla / firefox 3.6.4 3.6.4.x