10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.598 Medium
EPSS
Percentile
97.8%
The Mozilla Project reports:
MFSA 2011-36 Miscellaneous memory safety hazards (rv:7.0 /
rv:1.9.2.23)
MFSA 2011-37 Integer underflow when using JavaScript RegExp
MFSA 2011-38 XSS via plugins and shadowed window.location
object
MFSA 2011-39 Defense against multiple Location headers due to
CRLF Injection
MFSA 2011-40 Code installation through holding down Enter
MFSA 2011-41 Potentially exploitable WebGL crashes
MFSA 2011-42 Potentially exploitable crash in the YARR regular
expression library
MFSA 2011-43 loadSubScript unwraps XPCNativeWrapper scope
parameter
MFSA 2011-44 Use after free reading OGG headers
MFSA 2011-45 Inferring Keystrokes from motion data
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 7.0,1 | UNKNOWN |
FreeBSD | any | noarch | libxul | < 1.9.2.23 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 7.0,1 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 2.4 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | < 7.0 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 2.4 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 7.0 | UNKNOWN |
www.mozilla.org/security/announce/2011/mfsa2011-36.html
www.mozilla.org/security/announce/2011/mfsa2011-37.html
www.mozilla.org/security/announce/2011/mfsa2011-38.html
www.mozilla.org/security/announce/2011/mfsa2011-39.html
www.mozilla.org/security/announce/2011/mfsa2011-40.html
www.mozilla.org/security/announce/2011/mfsa2011-41.html
www.mozilla.org/security/announce/2011/mfsa2011-42.html
www.mozilla.org/security/announce/2011/mfsa2011-43.html
www.mozilla.org/security/announce/2011/mfsa2011-44.html
www.mozilla.org/security/announce/2011/mfsa2011-45.html