Lucene search
MitreCVELIST:CVE-2011-1712HistoryApr 15, 2011 - 8:00 p.m.
CVE-2011-1712
2011-04-1520:00:00
mitre
www.cve.org
7
The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
References
scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html
www.mozilla.org/security/announce/2011/mfsa2011-18.html
bugzilla.mozilla.org/show_bug.cgi?id=640339
exchange.xforce.ibmcloud.com/vulnerabilities/66836
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14467
Related
cve
cve
CVE-2011-1712
2011-04-15 20:55:00
openvas
openvas
Mozilla Firefox Information Disclosure Vulnerability (Windows)
2011-04-22 00:00:00
Mozilla Firefox Information Disclosure Vulnerability - Windows
2011-04-22 00:00:00
Gentoo Security Advisory GLSA 201301-01
2015-09-29 00:00:00
prion
prion
Design/Logic Flaw
2011-04-15 20:55:00
nvd
nvd
CVE-2011-1712
2011-04-15 20:55:00
ubuntucve
ubuntucve
CVE-2011-1712
2011-04-15 00:00:00
nessus
nessus
GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
2013-01-08 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00