VYPR
Unrated severityNVD Advisory· Published Sep 15, 2010· Updated Jun 16, 2026

CVE-2010-3399

CVE-2010-3399

Description

The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which makes it easier for remote attackers to guess the seed value via a brute-force attack, a different vulnerability than CVE-2010-3171.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:mozilla:firefox:3.5.10:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:mozilla:firefox:3.5.10:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*
    • (no CPE)range: 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.