Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1121-1
HistoryApr 30, 2011 - 12:00 a.m.

Firefox vulnerabilities

2011-04-3000:00:00
ubuntu.com
62

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.6

Confidence

Low

EPSS

0.186

Percentile

96.3%

JSON

Releases

  • Ubuntu 11.04

Packages

  • firefox - Safe and easy web browser from Mozilla

Details

Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted Mielczarek
discovered multiple memory vulnerabilities. An attacker could exploit these
to possibly run arbitrary code as the user running Firefox. (CVE-2011-0079)

It was discovered that there was a vulnerability in the memory handling of
certain types of content. An attacker could exploit this to possibly run
arbitrary code as the user running Firefox. (CVE-2011-0081)

It was discovered that Firefox incorrectly handled certain JavaScript
requests. An attacker could exploit this to possibly run arbitrary code as
the user running Firefox. (CVE-2011-0069)

Ian Beer discovered a vulnerability in the memory handling of a certain
types of documents. An attacker could exploit this to possibly run
arbitrary code as the user running Firefox. (CVE-2011-0070)

Chris Evans discovered a vulnerability in Firefox’s XSLT generate-id()
function. An attacker could possibly use this vulnerability to make other
attacks more reliable. (CVE-2011-1202)

OSVersionArchitecturePackageVersionFilename
Ubuntu11.04noarchfirefox< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
Ubuntu11.04noarchabrowser< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
Ubuntu11.04noarchabrowser-branding< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
Ubuntu11.04noarchfirefox-branding< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
Ubuntu11.04noarchfirefox-dbg< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
Ubuntu11.04noarchfirefox-dev< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
Ubuntu11.04noarchfirefox-globalmenu< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
Ubuntu11.04noarchfirefox-gnome-support< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
Ubuntu11.04noarchfirefox-gnome-support-dbg< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
Ubuntu11.04noarchfirefox-mozsymbols< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN

Related

openvas 64
nessus 55
prion 7
nvd 7
cve 7
cvelist 7
ubuntucve 6
mozilla 2
securityvulns 5
veracode 9
debiancve 1
suse 1
ubuntu 6
centos 2
oraclelinux 3
redhat 3
debian 4
osv 3
android 1
fedora 3
amazon 1
vmware 2
openvas
openvas
Ubuntu Update for firefox USN-1121-1
2011-05-10 00:00:00
Ubuntu: Security Advisory (USN-1121-1)
2011-05-10 00:00:00
Mozilla Products Multiple Vulnerabilities - 01 - (May 2011) - Windows
2011-05-18 00:00:00
nessus
nessus
Ubuntu 11.04 : Firefox vulnerabilities (USN-1121-1)
2011-06-13 00:00:00
Firefox 4.0 < 4.0.1 Multiple Vulnerabilities
2011-04-29 00:00:00
openSUSE Security Update : MozillaFirefox (MozillaFirefox-4457)
2014-06-13 00:00:00
prion
prion
Memory corruption
2011-05-07 18:55:00
Memory corruption
2011-05-07 18:55:00
Memory corruption
2011-05-07 18:55:00
nvd
nvd
CVE-2011-0070
2011-05-07 18:55:01
CVE-2011-0069
2011-05-07 18:55:01
CVE-2011-0079
2011-05-07 18:55:01
cve
cve
CVE-2011-0069
2011-05-07 18:55:01
CVE-2011-0070
2011-05-07 18:55:01
CVE-2011-0079
2011-05-07 18:55:01
cvelist
cvelist
CVE-2011-0069
2011-05-07 18:00:00
CVE-2011-0070
2011-05-07 18:00:00
CVE-2011-0079
2011-05-07 18:00:00
ubuntucve
ubuntucve
CVE-2011-0069
2011-05-04 00:00:00
CVE-2011-0070
2011-05-04 00:00:00
CVE-2011-0081
2011-05-04 00:00:00
mozilla
mozilla
Miscellaneous memory safety hazards (rv:2.0.1/ 1.9.2.17/ 1.9.1.19) — Mozilla
2011-04-28 00:00:00
XSLT generate-id() function heap address leak — Mozilla
2011-04-28 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2011-12
2011-05-01 00:00:00
Mozilla Foundation Security Advisory 2011-18
2011-05-01 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-05-11 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:56:30
Arbitrary Code Execution
2020-04-10 00:56:34
Information Leakage
2019-01-15 08:57:24
debiancve
debiancve
CVE-2011-1202
2011-03-11 02:01:20
suse
suse
remote code execution, remote denial of service in MozillaFirefox,seamonkey,MozillaThunderbird
2011-05-05 17:46:39
ubuntu
ubuntu
Thunderbird regression
2011-06-06 00:00:00
Firefox and Xulrunner vulnerabilities
2011-04-29 00:00:00
Thunderbird vulnerabilities
2011-05-05 00:00:00
centos
centos
firefox, xulrunner security update
2011-04-29 15:48:25
libxslt security update
2012-09-13 18:02:29
oraclelinux
oraclelinux
firefox security update
2011-04-29 00:00:00
thunderbird security update
2011-04-29 00:00:00
libxslt security update
2012-09-13 00:00:00
redhat
redhat
(RHSA-2011:0471) Critical: firefox security update
2011-04-28 00:00:00
(RHSA-2011:0475) Critical: thunderbird security update
2011-04-28 00:00:00
(RHSA-2012:1265) Important: libxslt security update
2012-09-13 00:00:00
debian
debian
[SECURITY] [DSA 2235-1] icedove security update
2011-05-10 19:59:51
[SECURITY] [DSA 2228-1] iceweasel security update
2011-05-01 16:34:39
[SECURITY] [DSA 2227-1] iceape security update
2011-04-30 14:52:24
osv
osv
iceape - several
2011-04-30 00:00:00
icedove - several
2011-05-10 00:00:00
iceweasel - several
2011-05-01 00:00:00
android
android
Android Browser Exploit WebKit
2011-02-22 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: libxslt-1.1.27-2.fc18
2012-12-09 06:31:24
[SECURITY] Fedora 17 Update: libxslt-1.1.26-10.fc17
2012-09-26 09:11:57
[SECURITY] Fedora 16 Update: libxslt-1.1.26-9.fc16
2012-09-27 04:27:12
amazon
amazon
Important: libxslt
2012-09-22 21:33:00
vmware
vmware
VMware vSphere security updates for the authentication service and third party libraries
2013-01-31 00:00:00
VMware vSphere security updates for the authentication service and third party libraries
2013-01-31 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.6

Confidence

Low

EPSS

0.186

Percentile

96.3%

JSON
Related for USN-1121-1
openvas64nessus55prion7nvd7cve7cvelist7ubuntucve6mozilla2securityvulns5veracode9debiancve1suse1ubuntu6centos2oraclelinux3redhat3debian4osv3android1fedora3amazon1vmware2