CVE-2010-2117

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 3.0.19, 3.5.x, and 3.6.x

Description The issue allows remote attackers to cause a denial of service due to resource consumption. This can be achieved through JavaScript code that contains an infinite loop, which creates IFRAME elements for invalid news:// or nntp:// URIs.

Recommendations For Mozilla Firefox versions 3.0.19, 3.5.x, and 3.6.x, consider disabling JavaScript execution of infinite loops that create IFRAME elements for invalid URIs as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.