Lucene search
Mozilla FoundationMFSA2011-46HistoryNov 08, 2011 - 12:00 a.m.
loadSubScript unwraps XPCNativeWrapper scope parameter (1.9.2 branch) — Mozilla
2011-11-0800:00:00
Mozilla Foundation
www.mozilla.org
15
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.008
Percentile
81.4%
Mozilla security researcher moz_bug_r_a4 reported that the problem described in MFSA 2011-43 and fixed in Firefox 7 also affected Firefox 3.6: a malicious page could potentially exploit a Firefox user who had installed an add-on that used loadSubscript in vulnerable ways.
Affected configurations
Node
mozillafirefoxRange<3.6.24
ORmozillathunderbirdRange<3.1.16
Related
openvas
openvas
Mozilla Products Privilege Escalation Vulnerabily (MAC OS X)
2011-11-14 00:00:00
Mozilla Products Privilege Escalation Vulnerabily (Windows)
2011-11-11 00:00:00
Mozilla Products Privilege Escalation Vulnerability (MFSA2011-46) - Mac OS X
2011-11-14 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 01:06:23
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2011-46
2011-11-25 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-11-25 00:00:00
cvelist
cvelist
CVE-2011-3647
2011-11-09 11:00:00
ubuntucve
ubuntucve
CVE-2011-3647
2011-11-09 00:00:00
nvd
nvd
CVE-2011-3647
2011-11-09 11:55:03
prion
prion
Design/Logic Flaw
2011-11-09 11:55:00
cve
cve
CVE-2011-3647
2011-11-09 11:55:03
suse
suse
MozillaFirefox (critical)
2011-11-15 15:08:31
Security update for MozillaFirefox (critical)
2011-11-18 22:08:45
Security update for Mozilla Firefox (critical)
2011-11-17 23:08:23
nessus
nessus
RHEL 6 : thunderbird (RHSA-2011:1439)
2011-11-09 00:00:00
SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 7844)
2011-12-13 00:00:00
CentOS 4 / 5 : firefox (CESA-2011:1437)
2011-11-14 00:00:00
osv
osv
icedove - several
2011-11-11 00:00:00
iceape - several
2011-11-09 00:00:00
iceweasel - several
2011-11-09 00:00:00
redhat
redhat
(RHSA-2011:1437) Critical: firefox security update
2011-11-08 00:00:00
(RHSA-2011:1439) Critical: thunderbird security update
2011-11-08 00:00:00
oraclelinux
oraclelinux
firefox security update
2011-11-09 00:00:00
thunderbird security update
2011-11-09 00:00:00
centos
centos
firefox, xulrunner security update
2011-11-09 20:48:22
debian
debian
[SECURITY] [DSA 2341-1] iceweasel security update
2011-11-09 16:45:01
[BSA-056] Security update for Iceweasel
2011-11-11 14:05:42
[SECURITY] [DSA 2342-1] iceape security update
2011-11-09 17:11:40
ubuntu
ubuntu
Thunderbird vulnerabilities
2011-12-22 00:00:00
Firefox and Xulrunner vulnerabilities
2011-11-10 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2011-11-08 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.008
Percentile
81.4%
Related for MFSA2011-46