Lucene search
Tenable6011.PRMHistoryAug 18, 2011 - 12:00 a.m.
Mozilla Thunderbird 3.1.x < 3.1.12 Multiple Vulnerabilities
2011-08-1800:00:00
Tenable
www.tenable.com
26
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.802
Percentile
98.4%
Versions of Mozilla Thunderbird 3.1.x prior to 3.1.12 are affected by the following vulnerabilities :
- Several memory safety bugs exist in the browser engine that may permit remote code execution. (CVE-2011-2982)
- A dangling pointer vulnerability exists in an SVG text manipulation routine. (CVE-2011-0084)
- A dangling pointer vulnerability exists in appendChild, which did not correctly account for DOM objects it operated upon. (CVE-2011-2378)
- A privilege escalation vulnerability in the event management code could permit JavaScript to be run in the wrong context. (CVE-2011-2981)
- A privilege escalation vulnerability exists if a web page registered for drop events and a browser tab element was dropped into the content area. (CVE-2011-2984)
- A binary planing vulnerability in โThinkPadSensor::Startupโ could permit loading a malicious DLL into the running process. (CVE-2011-2980)
- A data leakage vulnerability triggered when RegExp.input was set could allow data from other domains to be read. (CVE-2011-2983)<
Binary data 6011.prm| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | thunderbird | cpe:/a:mozilla:thunderbird |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0084
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2378
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2980
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2981
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2982
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2983
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2984
www.mozilla.org/security/announce/2011/mfsa2011-32.html
Related
nessus
nessus
SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7712)
2011-08-30 00:00:00
openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-5050)
2014-06-13 00:00:00
SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 5057)
2011-08-30 00:00:00
suse
suse
MozillaThunderbird: Update to 3.1.12 (important)
2011-08-29 20:08:38
MozillaFirefox: Update to Firefox 3.6.20 (important)
2011-08-26 20:08:19
Security update for Mozilla Firefox (important)
2011-08-29 21:08:22
openvas
openvas
Mandriva Update for mozilla MDVSA-2011:127 (mozilla)
2011-08-19 00:00:00
Mandriva Update for mozilla MDVSA-2011:127 (mozilla)
2011-08-19 00:00:00
CentOS Update for firefox CESA-2011:1164 centos5 x86_64
2012-07-30 00:00:00
mozilla
mozilla
Security issues addressed in Firefox 3.6.20 โ Mozilla
2011-08-16 00:00:00
Security issues addressed in Thunderbird 3.1.12 โ Mozilla
2011-08-16 00:00:00
Security issues addressed in Thunderbird 6 โ Mozilla
2011-08-16 00:00:00
centos
centos
firefox, xulrunner security update
2011-08-16 23:27:06
seamonkey security update
2011-08-16 22:32:01
thunderbird security update
2011-08-16 23:23:07
osv
osv
iceweasel - several
2011-08-17 00:00:00
icedove - several
2011-08-21 00:00:00
iceape - several
2011-08-17 00:00:00
redhat
redhat
(RHSA-2011:1164) Critical: firefox security update
2011-08-16 00:00:00
(RHSA-2011:1166) Critical: thunderbird security update
2011-08-16 00:00:00
(RHSA-2011:1167) Critical: seamonkey security update
2011-08-16 00:00:00
debian
debian
[SECURITY] [DSA 2295-1] iceape security update
2011-08-17 17:37:19
[SECURITY] [DSA 2297-1] icedove security update
2011-08-21 18:57:44
[SECURITY] [DSA 2296-1] iceweasel security update
2011-08-17 19:13:01
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2011-08-19 00:00:00
Thunderbird vulnerabilities
2011-08-26 00:00:00
Mozvoikko update
2011-08-17 00:00:00
oraclelinux
oraclelinux
firefox security update
2011-08-16 00:00:00
thunderbird security update
2011-08-16 00:00:00
thunderbird security update
2011-08-16 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2011-08-16 00:00:00
securityvulns
securityvulns
Mozilla Fireox / Seamonkey / Thunderbird multiple security vulnerabilities
2011-08-19 00:00:00
ASPR #2011-08-18-1: Remote Binary Planting in Mozilla Firefox
2011-08-19 00:00:00
ASPR #2011-08-18-2: Remote Binary Planting in Mozilla Thunderbird
2011-08-19 00:00:00
seebug
seebug
Mozilla Firefox/Thunderbird/SeaMonkeyๅคไธชๅฎๅ
จๆผๆด
2011-08-18 00:00:00
prion
prion
Code injection
2011-08-18 18:55:00
Design/Logic Flaw
2011-08-18 18:55:00
Null pointer dereference
2011-08-18 18:55:00
saint
saint
Firefox sensor.dll Insecure Library Loading
2011-09-13 00:00:00
Firefox sensor.dll Insecure Library Loading
2011-09-13 00:00:00
Firefox sensor.dll Insecure Library Loading
2011-09-13 00:00:00
ubuntucve
ubuntucve
nvd
nvd
cvelist
cvelist
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox and Thunderbird sensor.dll Insecure Library Loading (CVE-2011-2980)
2011-09-27 00:00:00
Mozilla Multiple Products Malformed SVG Use After Free (CVE-2011-0084)
2012-01-03 00:00:00
Mozilla Multiple Products Malformed SVG Use After Free (CVE-2011-0084)
2012-01-03 00:00:00
cve
cve
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:01:41
Arbitrary Code Execution
2020-04-10 01:01:38
Arbitrary Code Execution
2020-04-10 01:01:39
zdi
zdi
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.802
Percentile
98.4%
Related for 6011.PRM