Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-1712
HistoryApr 15, 2011 - 12:00 a.m.

CVE-2011-1712

2011-04-1500:00:00
ubuntu.com
ubuntu.com
23

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.005

Percentile

76.3%

JSON

The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp
and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x
before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows
remote attackers to obtain potentially sensitive information about heap
memory addresses via an XML document containing a call to the XSLT
generate-id XPath function.

Notes

Author Note
micahg This is the same as CVE-2011-1202 that’s referenced in the USNs
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchfirefox< 3.6.17+build3+nobinonly-0ubuntu0.10.04.1UNKNOWN
ubuntu10.10noarchfirefox< 3.6.17+build3+nobinonly-0ubuntu0.10.10.1UNKNOWN
ubuntu11.04noarchfirefox< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
ubuntu11.10noarchfirefox< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
ubuntu12.04noarchfirefox< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
ubuntu12.10noarchfirefox< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
ubuntu13.04noarchfirefox< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
ubuntu13.10noarchfirefox< 4.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
ubuntu10.04noarchxulrunner-1.9.2< 1.9.2.17+build3+nobinonly-0ubuntu0.10.04.1UNKNOWN
ubuntu10.10noarchxulrunner-1.9.2< 1.9.2.17+build3+nobinonly-0ubuntu0.10.10.1UNKNOWN
Rows per page:
1-10 of 111

Related

cve 4
cvelist 4
openvas 57
prion 4
nvd 4
veracode 6
debiancve 1
ubuntucve 1
securityvulns 4
mozilla 1
android 1
nessus 47
fedora 3
ubuntu 7
amazon 1
oraclelinux 2
redhat 3
centos 2
vmware 2
suse 1
tenable 1
gentoo 1
cve
cve
CVE-2011-1712
2011-04-15 20:55:00
CVE-2011-1202
2011-03-11 02:01:20
CVE-2011-0195
2011-04-15 19:55:00
cvelist
cvelist
CVE-2011-1712
2011-04-15 20:00:00
CVE-2011-1202
2011-03-11 01:00:00
CVE-2011-0195
2011-04-15 19:00:00
openvas
openvas
Mozilla Firefox Information Disclosure Vulnerability (Windows)
2011-04-22 00:00:00
Mozilla Firefox Information Disclosure Vulnerability - Windows
2011-04-22 00:00:00
Mandriva Update for libxslt MDVSA-2012:164 (libxslt)
2012-10-12 00:00:00
prion
prion
Design/Logic Flaw
2011-04-15 20:55:00
Design/Logic Flaw
2011-03-11 02:01:00
Design/Logic Flaw
2011-04-15 20:55:00
nvd
nvd
CVE-2011-1712
2011-04-15 20:55:00
CVE-2011-1202
2011-03-11 02:01:20
CVE-2011-0195
2011-04-15 19:55:00
veracode
veracode
Information Leakage
2019-01-15 08:57:24
Denial Of Service (DoS)
2019-05-02 04:43:13
Denial Of Service (DoS)
2019-05-02 04:43:13
debiancve
debiancve
CVE-2011-1202
2011-03-11 02:01:20
ubuntucve
ubuntucve
CVE-2011-1202
2011-03-10 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2011-18
2011-05-01 00:00:00
[USN-1595-1] libxslt vulnerabilities
2012-10-05 00:00:00
libxslt multiple security vulnerabilities
2012-10-05 00:00:00
mozilla
mozilla
XSLT generate-id() function heap address leak — Mozilla
2011-04-28 00:00:00
android
android
Android Browser Exploit WebKit
2011-02-22 00:00:00
nessus
nessus
RHEL 4 : libxslt (Unpatched Vulnerability)
2024-06-03 00:00:00
Mandriva Linux Security Advisory : libxslt (MDVSA-2012:164)
2012-10-12 00:00:00
Fedora 17 : libxslt-1.1.26-10.fc17 (2012-14083)
2012-09-27 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: libxslt-1.1.26-9.fc16
2012-09-27 04:27:12
[SECURITY] Fedora 18 Update: libxslt-1.1.27-2.fc18
2012-12-09 06:31:24
[SECURITY] Fedora 17 Update: libxslt-1.1.26-10.fc17
2012-09-26 09:11:57
ubuntu
ubuntu
Firefox vulnerabilities
2011-04-30 00:00:00
libxslt vulnerabilities
2012-10-04 00:00:00
Firefox and Xulrunner vulnerabilities
2011-04-29 00:00:00
amazon
amazon
Important: libxslt
2012-09-22 21:33:00
oraclelinux
oraclelinux
libxslt security update
2012-09-13 00:00:00
firefox security update
2011-04-29 00:00:00
redhat
redhat
(RHSA-2012:1265) Important: libxslt security update
2012-09-13 00:00:00
(RHSA-2011:0471) Critical: firefox security update
2011-04-28 00:00:00
(RHSA-2012:1325) Important: rhev-hypervisor6 security and bug fix update
2012-10-02 00:00:00
centos
centos
libxslt security update
2012-09-13 18:02:29
firefox, xulrunner security update
2011-04-29 15:48:25
vmware
vmware
VMware vSphere security updates for the authentication service and third party libraries
2013-01-31 00:00:00
VMware vSphere security updates for the authentication service and third party libraries
2013-01-31 00:00:00
suse
suse
remote code execution, remote denial of service in MozillaFirefox,seamonkey,MozillaThunderbird
2011-05-05 17:46:39
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.005

Percentile

76.3%

JSON
Related for UB:CVE-2011-1712
cve4cvelist4openvas57prion4nvd4veracode6debiancve1ubuntucve1securityvulns4mozilla1android1nessus47fedora3ubuntu7amazon1oraclelinux2redhat3centos2vmware2suse1tenable1gentoo1