Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24565

HistoryApr 10, 2020 - 12:57 a.m.

Arbitrary Code Execution

2020-04-1000:57:36

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

20

EPSS

0.275

Percentile

96.8%

firefox is vulnerable to arbitrary code execution. A use-after-free flaw was found in the way Firefox appended frame and iframe elements to a DOM tree when the NoScript add-on was enabled. Malicious HTML content could cause Firefox to execute arbitrary code with the privileges of the user running Firefox.

References

blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird

downloads.avaya.com/css/P8/documents/100134543

downloads.avaya.com/css/P8/documents/100144158

www.debian.org/security/2011/dsa-2227

www.debian.org/security/2011/dsa-2228

www.debian.org/security/2011/dsa-2235

www.mandriva.com/security/advisories?name=MDVSA-2011:079

www.mandriva.com/security/advisories?name=MDVSA-2011:080

www.mozilla.org/security/announce/2011/mfsa2011-12.html

www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17

www.securityfocus.com/bid/47655

access.redhat.com/errata/RHSA-2011:0471

access.redhat.com/security/updates/classification/#critical

bugzilla.mozilla.org/show_bug.cgi?id=624187

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14038

EPSS

0.275

Percentile

96.8%

Related for VERACODE:24565

prion5 cve5 cvelist5 nvd5 ubuntucve5 openvas47 redhat2 nessus40 centos2 oraclelinux2 securityvulns2 mozilla1 debian4 osv3 ubuntu5 suse2 gentoo1