CVE-2010-3399

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 3.5.10 through 3.5.11 Mozilla Firefox versions 3.6.4 through 3.6.8 Mozilla Firefox version 4.0 Beta1

Description The issue concerns the js InitRandom function in the JavaScript implementation, which uses a context pointer in conjunction with its successor pointer for seeding a random number generator. This makes it easier for remote attackers to guess the seed value via a brute-force attack.

Recommendations For Mozilla Firefox versions 3.5.10 through 3.5.11, update to a version that fixes this issue. For Mozilla Firefox versions 3.6.4 through 3.6.8, update to a version that fixes this issue. For Mozilla Firefox version 4.0 Beta1, update to a version that fixes this issue.