CVE-2011-2997

2011-09-2900:55:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

mozilla

firefox

thunderbird

seamonkey

vulnerability

remote attackers

denial of service

arbitrary code

nvd

cve-2011-2997

9.8 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.405 Medium

EPSS

Percentile

97.3%

JSON

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxeq6.0
mozilla:thunderbirdmozilla thunderbirdeq3.0.8
mozilla:thunderbirdmozilla thunderbirdeq3.0.5
mozilla:thunderbirdmozilla thunderbirdeq1.5.0.7
mozilla:thunderbirdmozilla thunderbirdeq0.6
mozilla:thunderbirdmozilla thunderbirdeq0.7.2
mozilla:thunderbirdmozilla thunderbirdeq3.1.8
mozilla:thunderbirdmozilla thunderbirdeq2.0.0.4
mozilla:thunderbirdmozilla thunderbirdeq3.1.11
mozilla:thunderbirdmozilla thunderbirdeq3.0.9

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	eq	6.0
mozilla:thunderbird	mozilla thunderbird	eq	3.0.8
mozilla:thunderbird	mozilla thunderbird	eq	3.0.5
mozilla:thunderbird	mozilla thunderbird	eq	1.5.0.7
mozilla:thunderbird	mozilla thunderbird	eq	0.6
mozilla:thunderbird	mozilla thunderbird	eq	0.7.2
mozilla:thunderbird	mozilla thunderbird	eq	3.1.8
mozilla:thunderbird	mozilla thunderbird	eq	2.0.0.4
mozilla:thunderbird	mozilla thunderbird	eq	3.1.11
mozilla:thunderbird	mozilla thunderbird	eq	3.0.9