Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable801344.PRM
HistorySep 29, 2011 - 12:00 a.m.

Mozilla Thunderbird 6 Multiple Vulnerabilities

2011-09-2900:00:00
Tenable
www.tenable.com
25

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.598

Percentile

97.8%

JSON

Thunderbird 6.0 is potentially affected by multiple vulnerabilities :

  • If an attacker could trick a user into holding down the β€˜Enter’ key, via a malicious game, for example, a malicious application or extension could be downloaded or executed. (CVE-2011-2372, CVE-2011-3001)

  • Unspecified errors exist that can be exploited to corrupt memory. No additional information is avialable at this time. (CVE-2011-2995, CVE-2011-2997)

  • A weakness exists when handling the β€˜Location’ header. This can lead to response splitting attacks when visiting a vulnerable web server. The same fix has been applied to the headers β€˜Content-Length’ and 'Content-Disposition. (CVE-2011-3000)

  • A use-after-free error exists when parsing OGG headers. (CVE-2011-3005)

  • There is an unspecified error within the YARR regular expression library that can be exploited to corrupt memory. (CVE-2011-3232)

Binary data 801344.prm

Related

nessus 53
suse 8
openvas 57
ubuntu 4
freebsd 1
securityvulns 10
mozilla 5
centos 1
oraclelinux 2
osv 3
redhat 2
debian 4
ibm 2
checkpoint_advisories 2
prion 8
nvd 8
cve 8
ubuntucve 8
cvelist 8
seebug 2
veracode 3
nessus
nessus
Mozilla Thunderbird < 7.0 Multiple Vulnerabilities
2011-09-29 00:00:00
Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2011:142)
2012-09-06 00:00:00
Mozilla Thunderbird < 7.0 Multiple Vulnerabilities
2011-09-29 00:00:00
suse
suse
MozillaThunderbird: Update to Mozilla Thunderbird 3.1.14 (important)
2011-10-04 15:08:20
seamonkey: Update to Mozilla Seamonkey 2.4 (important)
2011-09-29 15:08:19
MozillaFirefox: Update to Firefox 3.6.23 (important)
2011-09-29 16:08:17
openvas
openvas
Ubuntu: Security Advisory (USN-1222-2)
2011-10-10 00:00:00
Ubuntu Update for mozvoikko USN-1222-2
2011-10-10 00:00:00
Mozilla Products Multiple Vulnerabilities - Oct 2011 (Windows)
2011-10-04 00:00:00
ubuntu
ubuntu
Mozvoikko, ubufox, webfav update
2011-10-04 00:00:00
Firefox vulnerabilities
2011-09-29 00:00:00
Firefox and Xulrunner vulnerabilities
2011-09-28 00:00:00
freebsd
freebsd
Mozilla -- multiple vulnerabilities
2011-09-27 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-10-01 00:00:00
Mozilla Foundation Security Advisory 2011-40
2011-10-01 00:00:00
Mozilla Foundation Security Advisory 2011-36
2011-10-01 00:00:00
mozilla
mozilla
Code installation through holding down Enter β€” Mozilla
2011-09-27 00:00:00
Miscellaneous memory safety hazards (rv:7.0 / rv:1.9.2.23) β€” Mozilla
2011-09-27 00:00:00
Use after free reading OGG headers β€” Mozilla
2011-09-27 00:00:00
centos
centos
firefox, xulrunner security update
2011-09-29 03:54:30
oraclelinux
oraclelinux
firefox security update
2011-09-28 00:00:00
thunderbird security update
2011-09-28 00:00:00
osv
osv
iceweasel - several
2011-09-29 00:00:00
iceape - several
2011-09-29 00:00:00
icedove - several
2011-10-05 00:00:00
redhat
redhat
(RHSA-2011:1342) Critical: thunderbird security update
2011-09-28 00:00:00
(RHSA-2011:1341) Critical: firefox security update
2011-09-28 00:00:00
debian
debian
[BSA-048] Security Update for Iceweasel
2011-10-03 09:41:06
[SECURITY] [DSA 2313-1] iceweasel security update
2011-09-29 20:30:47
[SECURITY] [DSA 2317-1] icedove security update
2011-10-05 20:19:05
ibm
ibm
Security Bulletin: Storwize V7000 Unified Update Includes Fixes for Multiple Vendor Security Vulnerabilities
2022-09-26 04:23:14
Security Bulletin: SONAS Update Includes Fixes for Multiple Vendor Security Vulnerabilities
2022-09-26 04:23:14
checkpoint_advisories
checkpoint_advisories
Mozilla Multiple Products Multiple Location Headers CRLF Injection (CVE-2011-3000)
2012-05-14 00:00:00
Mozilla Multiple Products Multiple Location Headers HTTP Response Splitting (CVE-2011-3000)
2011-12-27 00:00:00
prion
prion
Design/Logic Flaw
2011-09-29 00:55:00
Design/Logic Flaw
2011-09-29 00:55:00
Memory corruption
2011-09-29 00:55:00
nvd
nvd
CVE-2011-3001
2011-09-29 00:55:01
CVE-2011-3005
2011-09-29 00:55:01
CVE-2011-3000
2011-09-29 00:55:01
cve
cve
CVE-2011-3000
2011-09-29 00:55:01
CVE-2011-3005
2011-09-29 00:55:01
CVE-2011-3232
2011-09-29 00:55:01
ubuntucve
ubuntucve
CVE-2011-3000
2011-09-28 00:00:00
CVE-2011-3005
2011-09-30 00:00:00
CVE-2011-3001
2011-09-30 00:00:00
cvelist
cvelist
CVE-2011-3005
2011-09-29 00:00:00
CVE-2011-3000
2011-09-29 00:00:00
CVE-2011-3001
2011-09-29 00:00:00
seebug
seebug
Mozilla FirefoxθΏœη¨‹ε†…ε­˜η ΄εζΌζ΄ž(CVE-2011-2997)
2011-09-29 00:00:00
Mozilla FirefoxθΏœη¨‹ε†…ε­˜η ΄εζΌζ΄ž(CVE-2011-2995)
2011-09-29 00:00:00
veracode
veracode
CRLF Injection
2020-04-10 01:02:44
Arbitrary Code Execution
2020-04-10 01:02:41
Access Control Bypass
2020-04-10 01:02:40

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.598

Percentile

97.8%

JSON
Related for 801344.PRM
nessus53suse8openvas57ubuntu4freebsd1securityvulns10mozilla5centos1oraclelinux2osv3redhat2debian4ibm2checkpoint_advisories2prion8nvd8cve8ubuntucve8cvelist8seebug2veracode3