Lucene search
MitreCVE-2011-2997HistorySep 29, 2011 - 12:55 a.m.
CVE-2011-2997
2011-09-2900:55:01
mitre
web.nvd.nist.gov
41
mozilla
firefox
thunderbird
seamonkey
vulnerability
remote attackers
denial of service
arbitrary code
nvd
cve-2011-2997
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
9.9
Confidence
High
EPSS
0.423
Percentile
97.3%
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Affected configurations
Node
mozillafirefoxMatch6.0
Node
mozillathunderbirdRangeβ€6.0.2
ORmozillathunderbirdMatch0.1
ORmozillathunderbirdMatch0.2
ORmozillathunderbirdMatch0.3
ORmozillathunderbirdMatch0.4
ORmozillathunderbirdMatch0.5
ORmozillathunderbirdMatch0.6
ORmozillathunderbirdMatch0.7
ORmozillathunderbirdMatch0.7.1
ORmozillathunderbirdMatch0.7.2
ORmozillathunderbirdMatch0.7.3
ORmozillathunderbirdMatch0.8
ORmozillathunderbirdMatch0.9
ORmozillathunderbirdMatch1.0
ORmozillathunderbirdMatch1.0.1
ORmozillathunderbirdMatch1.0.2
ORmozillathunderbirdMatch1.0.3
ORmozillathunderbirdMatch1.0.4
ORmozillathunderbirdMatch1.0.5
ORmozillathunderbirdMatch1.0.5beta
ORmozillathunderbirdMatch1.0.6
ORmozillathunderbirdMatch1.0.7
ORmozillathunderbirdMatch1.0.8
ORmozillathunderbirdMatch1.5
ORmozillathunderbirdMatch1.5beta2
ORmozillathunderbirdMatch1.5.0.1
ORmozillathunderbirdMatch1.5.0.2
ORmozillathunderbirdMatch1.5.0.3
ORmozillathunderbirdMatch1.5.0.4
ORmozillathunderbirdMatch1.5.0.5
ORmozillathunderbirdMatch1.5.0.6
ORmozillathunderbirdMatch1.5.0.7
ORmozillathunderbirdMatch1.5.0.8
ORmozillathunderbirdMatch1.5.0.9
ORmozillathunderbirdMatch1.5.0.10
ORmozillathunderbirdMatch1.5.0.11
ORmozillathunderbirdMatch1.5.0.12
ORmozillathunderbirdMatch1.5.0.13
ORmozillathunderbirdMatch1.5.0.14
ORmozillathunderbirdMatch1.5.1
ORmozillathunderbirdMatch1.5.2
ORmozillathunderbirdMatch1.7.1
ORmozillathunderbirdMatch1.7.3
ORmozillathunderbirdMatch2.0
ORmozillathunderbirdMatch2.0.0.0
ORmozillathunderbirdMatch2.0.0.1
ORmozillathunderbirdMatch2.0.0.2
ORmozillathunderbirdMatch2.0.0.3
ORmozillathunderbirdMatch2.0.0.4
ORmozillathunderbirdMatch2.0.0.5
ORmozillathunderbirdMatch2.0.0.6
ORmozillathunderbirdMatch2.0.0.7
ORmozillathunderbirdMatch2.0.0.8
ORmozillathunderbirdMatch2.0.0.9
ORmozillathunderbirdMatch2.0.0.11
ORmozillathunderbirdMatch2.0.0.12
ORmozillathunderbirdMatch2.0.0.13
ORmozillathunderbirdMatch2.0.0.14
ORmozillathunderbirdMatch2.0.0.15
ORmozillathunderbirdMatch2.0.0.16
ORmozillathunderbirdMatch2.0.0.17
ORmozillathunderbirdMatch2.0.0.18
ORmozillathunderbirdMatch2.0.0.19
ORmozillathunderbirdMatch2.0.0.20
ORmozillathunderbirdMatch2.0.0.21
ORmozillathunderbirdMatch2.0.0.22
ORmozillathunderbirdMatch2.0.0.23
ORmozillathunderbirdMatch2.0_.4
ORmozillathunderbirdMatch2.0_.5
ORmozillathunderbirdMatch2.0_.6
ORmozillathunderbirdMatch2.0_.9
ORmozillathunderbirdMatch2.0_.12
ORmozillathunderbirdMatch2.0_.13
ORmozillathunderbirdMatch2.0_.14
ORmozillathunderbirdMatch2.0_8
ORmozillathunderbirdMatch3.0
ORmozillathunderbirdMatch3.0.1
ORmozillathunderbirdMatch3.0.2
ORmozillathunderbirdMatch3.0.3
ORmozillathunderbirdMatch3.0.4
ORmozillathunderbirdMatch3.0.5
ORmozillathunderbirdMatch3.0.6
ORmozillathunderbirdMatch3.0.7
ORmozillathunderbirdMatch3.0.8
ORmozillathunderbirdMatch3.0.9
ORmozillathunderbirdMatch3.0.10
ORmozillathunderbirdMatch3.0.11
ORmozillathunderbirdMatch3.1
ORmozillathunderbirdMatch3.1.1
ORmozillathunderbirdMatch3.1.2
ORmozillathunderbirdMatch3.1.3
ORmozillathunderbirdMatch3.1.4
ORmozillathunderbirdMatch3.1.5
ORmozillathunderbirdMatch3.1.6
ORmozillathunderbirdMatch3.1.7
ORmozillathunderbirdMatch3.1.8
ORmozillathunderbirdMatch3.1.9
ORmozillathunderbirdMatch3.1.10
ORmozillathunderbirdMatch3.1.11
ORmozillathunderbirdMatch5.0
Node
mozillaseamonkeyRangeβ€2.3.3
ORmozillaseamonkeyMatch1.0
ORmozillaseamonkeyMatch1.0alpha
ORmozillaseamonkeyMatch1.0beta
ORmozillaseamonkeyMatch1.0dev
ORmozillaseamonkeyMatch1.0alpha
ORmozillaseamonkeyMatch1.0beta
ORmozillaseamonkeyMatch1.0.1
ORmozillaseamonkeyMatch1.0.2
ORmozillaseamonkeyMatch1.0.3
ORmozillaseamonkeyMatch1.0.4
ORmozillaseamonkeyMatch1.0.5
ORmozillaseamonkeyMatch1.0.6
ORmozillaseamonkeyMatch1.0.7
ORmozillaseamonkeyMatch1.0.8
ORmozillaseamonkeyMatch1.0.9
ORmozillaseamonkeyMatch1.0.99
ORmozillaseamonkeyMatch1.1
ORmozillaseamonkeyMatch1.1alpha
ORmozillaseamonkeyMatch1.1beta
ORmozillaseamonkeyMatch1.1.1
ORmozillaseamonkeyMatch1.1.2
ORmozillaseamonkeyMatch1.1.3
ORmozillaseamonkeyMatch1.1.4
ORmozillaseamonkeyMatch1.1.5
ORmozillaseamonkeyMatch1.1.51.1.10
ORmozillaseamonkeyMatch1.1.6
ORmozillaseamonkeyMatch1.1.7
ORmozillaseamonkeyMatch1.1.8
ORmozillaseamonkeyMatch1.1.9
ORmozillaseamonkeyMatch1.1.10
ORmozillaseamonkeyMatch1.1.11
ORmozillaseamonkeyMatch1.1.12
ORmozillaseamonkeyMatch1.1.13
ORmozillaseamonkeyMatch1.1.14
ORmozillaseamonkeyMatch1.1.15
ORmozillaseamonkeyMatch1.1.16
ORmozillaseamonkeyMatch1.1.17
ORmozillaseamonkeyMatch1.1.18
ORmozillaseamonkeyMatch1.1.19
ORmozillaseamonkeyMatch1.5.0.8
ORmozillaseamonkeyMatch1.5.0.9
ORmozillaseamonkeyMatch1.5.0.10
ORmozillaseamonkeyMatch2.0
ORmozillaseamonkeyMatch2.0alpha_1
ORmozillaseamonkeyMatch2.0alpha_2
ORmozillaseamonkeyMatch2.0alpha_3
ORmozillaseamonkeyMatch2.0beta_1
ORmozillaseamonkeyMatch2.0beta_2
ORmozillaseamonkeyMatch2.0rc1
ORmozillaseamonkeyMatch2.0rc2
ORmozillaseamonkeyMatch2.0.1
ORmozillaseamonkeyMatch2.0.2
ORmozillaseamonkeyMatch2.0.3
ORmozillaseamonkeyMatch2.0.4
ORmozillaseamonkeyMatch2.0.5
ORmozillaseamonkeyMatch2.0.6
ORmozillaseamonkeyMatch2.0.7
ORmozillaseamonkeyMatch2.0.8
ORmozillaseamonkeyMatch2.0.9
ORmozillaseamonkeyMatch2.0.10
ORmozillaseamonkeyMatch2.0.11
ORmozillaseamonkeyMatch2.0.12
ORmozillaseamonkeyMatch2.0.13
ORmozillaseamonkeyMatch2.0.14
ORmozillaseamonkeyMatch2.0a1pre
ORmozillaseamonkeyMatch2.0a1pre
ORmozillaseamonkeyMatch2.1alpha1
ORmozillaseamonkeyMatch2.1alpha2
ORmozillaseamonkeyMatch2.1alpha3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | 6.0 | cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:* |
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
| mozilla | thunderbird | 0.1 | cpe:2.3:a:mozilla:thunderbird:0.1:*:*:*:*:*:*:* |
| mozilla | thunderbird | 0.2 | cpe:2.3:a:mozilla:thunderbird:0.2:*:*:*:*:*:*:* |
| mozilla | thunderbird | 0.3 | cpe:2.3:a:mozilla:thunderbird:0.3:*:*:*:*:*:*:* |
| mozilla | thunderbird | 0.4 | cpe:2.3:a:mozilla:thunderbird:0.4:*:*:*:*:*:*:* |
| mozilla | thunderbird | 0.5 | cpe:2.3:a:mozilla:thunderbird:0.5:*:*:*:*:*:*:* |
| mozilla | thunderbird | 0.6 | cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:* |
| mozilla | thunderbird | 0.7 | cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:* |
| mozilla | thunderbird | 0.7.1 | cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:* |
References
lists.opensuse.org/opensuse-updates/2011-10/msg00002.html
secunia.com/advisories/46315
www.mandriva.com/security/advisories?name=MDVSA-2011:141
www.mandriva.com/security/advisories?name=MDVSA-2011:142
www.mozilla.org/security/announce/2011/mfsa2011-36.html
bugzilla.mozilla.org/show_bug.cgi?id=552002
bugzilla.mozilla.org/show_bug.cgi?id=657198
bugzilla.mozilla.org/show_bug.cgi?id=658864
bugzilla.mozilla.org/show_bug.cgi?id=661567
bugzilla.mozilla.org/show_bug.cgi?id=664930
bugzilla.mozilla.org/show_bug.cgi?id=667011
bugzilla.mozilla.org/show_bug.cgi?id=667507
bugzilla.mozilla.org/show_bug.cgi?id=668941
bugzilla.mozilla.org/show_bug.cgi?id=669228
bugzilla.mozilla.org/show_bug.cgi?id=670319
bugzilla.mozilla.org/show_bug.cgi?id=671756
bugzilla.mozilla.org/show_bug.cgi?id=672436
bugzilla.mozilla.org/show_bug.cgi?id=673757
bugzilla.mozilla.org/show_bug.cgi?id=678818
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13911
Related
openvas
openvas
prion
prion
Memory corruption
2011-09-29 00:55:00
seebug
seebug
Mozilla FirefoxθΏη¨ε
εη ΄εζΌζ΄(CVE-2011-2997)
2011-09-29 00:00:00
cvelist
cvelist
CVE-2011-2997
2011-09-29 00:00:00
ubuntucve
ubuntucve
CVE-2011-2997
2011-09-30 00:00:00
nvd
nvd
CVE-2011-2997
2011-09-29 00:55:01
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2011-36
2011-10-01 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-10-01 00:00:00
mozilla
mozilla
Miscellaneous memory safety hazards (rv:7.0 / rv:1.9.2.23) β Mozilla
2011-09-27 00:00:00
nessus
nessus
Mozilla Thunderbird < 7.0 Multiple Vulnerabilities
2011-09-29 00:00:00
Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2011:142)
2012-09-06 00:00:00
Mozilla Thunderbird < 7.0 Multiple Vulnerabilities
2011-09-29 00:00:00
suse
suse
MozillaThunderbird: Update to Mozilla Thunderbird 3.1.14 (important)
2011-10-04 15:08:20
seamonkey: Update to Mozilla Seamonkey 2.4 (important)
2011-09-29 15:08:19
ubuntu
ubuntu
Mozvoikko, ubufox, webfav update
2011-10-04 00:00:00
Firefox vulnerabilities
2011-09-29 00:00:00
freebsd
freebsd
Mozilla -- multiple vulnerabilities
2011-09-27 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
9.9
Confidence
High
EPSS
0.423
Percentile
97.3%
Related for CVE-2011-2997