Lucene search
MitreCVE-2011-3665HistoryDec 21, 2011 - 4:02 a.m.
CVE-2011-3665
2011-12-2104:02:01
CWE-399
mitre
web.nvd.nist.gov
41
cve-2011-3665
mozilla firefox
thunderbird
seamonkey
denial of service
remote attack
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
9.6
Confidence
High
EPSS
0.051
Percentile
93.0%
Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an Ogg VIDEO element that is not properly handled after scaling.
Affected configurations
Node
mozillafirefoxMatch4.0
ORmozillafirefoxMatch4.0beta1
ORmozillafirefoxMatch4.0beta10
ORmozillafirefoxMatch4.0beta11
ORmozillafirefoxMatch4.0beta12
ORmozillafirefoxMatch4.0beta2
ORmozillafirefoxMatch4.0beta3
ORmozillafirefoxMatch4.0beta4
ORmozillafirefoxMatch4.0beta5
ORmozillafirefoxMatch4.0beta6
ORmozillafirefoxMatch4.0beta7
ORmozillafirefoxMatch4.0beta8
ORmozillafirefoxMatch4.0beta9
ORmozillafirefoxMatch4.0.1
ORmozillafirefoxMatch5.0
ORmozillafirefoxMatch5.0.1
ORmozillafirefoxMatch6.0
ORmozillafirefoxMatch6.0.1
ORmozillafirefoxMatch6.0.2
ORmozillafirefoxMatch7.0
ORmozillafirefoxMatch7.0.1
ORmozillafirefoxMatch8.0
ORmozillaseamonkeyRange≤2.5
ORmozillaseamonkeyMatch1.0
ORmozillaseamonkeyMatch1.0alpha
ORmozillaseamonkeyMatch1.0beta
ORmozillaseamonkeyMatch1.0dev
ORmozillaseamonkeyMatch1.0alpha
ORmozillaseamonkeyMatch1.0beta
ORmozillaseamonkeyMatch1.0.1
ORmozillaseamonkeyMatch1.0.2
ORmozillaseamonkeyMatch1.0.3
ORmozillaseamonkeyMatch1.0.4
ORmozillaseamonkeyMatch1.0.5
ORmozillaseamonkeyMatch1.0.6
ORmozillaseamonkeyMatch1.0.7
ORmozillaseamonkeyMatch1.0.8
ORmozillaseamonkeyMatch1.0.9
ORmozillaseamonkeyMatch1.0.99
ORmozillaseamonkeyMatch1.1
ORmozillaseamonkeyMatch1.1alpha
ORmozillaseamonkeyMatch1.1beta
ORmozillaseamonkeyMatch1.1.1
ORmozillaseamonkeyMatch1.1.2
ORmozillaseamonkeyMatch1.1.3
ORmozillaseamonkeyMatch1.1.4
ORmozillaseamonkeyMatch1.1.5
ORmozillaseamonkeyMatch1.1.51.1.10
ORmozillaseamonkeyMatch1.1.6
ORmozillaseamonkeyMatch1.1.7
ORmozillaseamonkeyMatch1.1.8
ORmozillaseamonkeyMatch1.1.9
ORmozillaseamonkeyMatch1.1.10
ORmozillaseamonkeyMatch1.1.11
ORmozillaseamonkeyMatch1.1.12
ORmozillaseamonkeyMatch1.1.13
ORmozillaseamonkeyMatch1.1.14
ORmozillaseamonkeyMatch1.1.15
ORmozillaseamonkeyMatch1.1.16
ORmozillaseamonkeyMatch1.1.17
ORmozillaseamonkeyMatch1.1.18
ORmozillaseamonkeyMatch1.1.19
ORmozillaseamonkeyMatch1.5.0.8
ORmozillaseamonkeyMatch1.5.0.9
ORmozillaseamonkeyMatch1.5.0.10
ORmozillaseamonkeyMatch2.0
ORmozillaseamonkeyMatch2.0alpha_1
ORmozillaseamonkeyMatch2.0alpha_2
ORmozillaseamonkeyMatch2.0alpha_3
ORmozillaseamonkeyMatch2.0beta_1
ORmozillaseamonkeyMatch2.0beta_2
ORmozillaseamonkeyMatch2.0rc1
ORmozillaseamonkeyMatch2.0rc2
ORmozillaseamonkeyMatch2.0.1
ORmozillaseamonkeyMatch2.0.2
ORmozillaseamonkeyMatch2.0.3
ORmozillaseamonkeyMatch2.0.4
ORmozillaseamonkeyMatch2.0.5
ORmozillaseamonkeyMatch2.0.6
ORmozillaseamonkeyMatch2.0.7
ORmozillaseamonkeyMatch2.0.8
ORmozillaseamonkeyMatch2.0.9
ORmozillaseamonkeyMatch2.0.10
ORmozillaseamonkeyMatch2.0.11
ORmozillaseamonkeyMatch2.0.12
ORmozillaseamonkeyMatch2.0.13
ORmozillaseamonkeyMatch2.0.14
ORmozillaseamonkeyMatch2.0a1pre
ORmozillaseamonkeyMatch2.0a1pre
ORmozillaseamonkeyMatch2.1alpha1
ORmozillaseamonkeyMatch2.1alpha2
ORmozillaseamonkeyMatch2.1alpha3
ORmozillaseamonkeyMatch2.3.3
ORmozillathunderbirdMatch5.0
ORmozillathunderbirdMatch6.0
ORmozillathunderbirdMatch6.0.1
ORmozillathunderbirdMatch6.0.2
ORmozillathunderbirdMatch7.0
ORmozillathunderbirdMatch7.0.1
ORmozillathunderbirdMatch8.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | 4.0 | cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:* |
| mozilla | firefox | 4.0 | cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:* |
| mozilla | firefox | 4.0 | cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:* |
| mozilla | firefox | 4.0 | cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:* |
| mozilla | firefox | 4.0 | cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:* |
| mozilla | firefox | 4.0 | cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:* |
| mozilla | firefox | 4.0 | cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:* |
| mozilla | firefox | 4.0 | cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:* |
| mozilla | firefox | 4.0 | cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:* |
| mozilla | firefox | 4.0 | cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:* |
References
lists.opensuse.org/opensuse-security-announce/2012-01/msg00001.html
lists.opensuse.org/opensuse-security-announce/2012-01/msg00009.html
osvdb.org/77956
secunia.com/advisories/47302
secunia.com/advisories/47334
www.mandriva.com/security/advisories?name=MDVSA-2011:192
www.mozilla.org/security/announce/2011/mfsa2011-58.html
www.securitytracker.com/id?1026445
www.securitytracker.com/id?1026446
www.securitytracker.com/id?1026447
bugzilla.mozilla.org/show_bug.cgi?id=701259
exchange.xforce.ibmcloud.com/vulnerabilities/71913
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14640
Related
ubuntucve
ubuntucve
CVE-2011-3665
2011-12-20 00:00:00
nvd
nvd
CVE-2011-3665
2011-12-21 04:02:01
mozilla
mozilla
Crash scaling <video> to extreme sizes — Mozilla
2011-12-20 00:00:00
cvelist
cvelist
CVE-2011-3665
2011-12-21 02:00:00
prion
prion
Code injection
2011-12-21 04:02:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2011-58) - Linux
2021-11-11 00:00:00
Mozilla Products Multiple Vulnerabilities (Dec 2011) - Windows
2011-12-22 00:00:00
Mozilla Products Multiple Vulnerabilities - Dec 11 (MAC OS X)
2011-12-22 00:00:00
nessus
nessus
openSUSE Security Update : seamonkey (openSUSE-SU-2012:0007-1)
2014-06-13 00:00:00
Ubuntu 11.04 / 11.10 : mozvoikko, ubufox update (USN-1306-2)
2012-01-09 00:00:00
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:0039-2)
2014-06-13 00:00:00
suse
suse
MozillaFirefox (important)
2012-02-09 19:09:53
seamonkey (important)
2012-01-05 12:08:18
seamonkey (important)
2012-01-05 12:35:43
freebsd
freebsd
mozilla -- multiple vulnerabilities
2011-12-20 00:00:00
ubuntu
ubuntu
Mozvoikko and ubufox update
2012-01-06 00:00:00
Thunderbird vulnerabilities
2012-01-24 00:00:00
Firefox vulnerabilities
2012-01-06 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-01-02 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
9.6
Confidence
High
EPSS
0.051
Percentile
93.0%
Related for CVE-2011-3665