Ubuntu.comUB:CVE-2011-3650CVE-2011-3650
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
84.3%
Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before
3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that
contain many functions, which allows user-assisted remote attackers to
cause a denial of service (memory corruption and application crash) or
possibly have unspecified other impact via a crafted file that is accessed
by debugging APIs, as demonstrated by Firebug.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | firefox | < 3.6.24+build2+nobinonly-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 10.10 | noarch | firefox | < 3.6.24+build2+nobinonly-0ubuntu0.10.10.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | firefox | < 8.0+build1-0ubuntu0.11.04.3 | UNKNOWN |
| ubuntu | 11.10 | noarch | firefox | < 8.0+build1-0ubuntu0.11.10.3 | UNKNOWN |
| ubuntu | 10.04 | noarch | thunderbird | < 3.1.16+build2+nobinonly-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 10.10 | noarch | thunderbird | < 3.1.16+build2+nobinonly-0ubuntu0.10.10.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | thunderbird | < 3.1.16+build2+nobinonly-0ubuntu0.11.04.1 | UNKNOWN |
| ubuntu | 11.10 | noarch | thunderbird | < 8.0+build1-0ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | xulrunner-1.9.2 | < 1.9.2.24+build2+nobinonly-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 10.10 | noarch | xulrunner-1.9.2 | < 1.9.2.24+build2+nobinonly-0ubuntu0.10.10.1 | UNKNOWN |
References
launchpad.net/bugs/cve/CVE-2011-3650
nvd.nist.gov/vuln/detail/CVE-2011-3650
security-tracker.debian.org/tracker/CVE-2011-3650
ubuntu.com/security/notices/USN-1251-1
ubuntu.com/security/notices/USN-1254-1
ubuntu.com/security/notices/USN-1277-1
ubuntu.com/security/notices/USN-1282-1
www.cve.org/CVERecord?id=CVE-2011-3650
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
84.3%