Lucene search

K
cvelistMitreCVELIST:CVE-2011-2981
HistoryAug 18, 2011 - 6:00 p.m.

CVE-2011-2981

2011-08-1818:00:00
mitre
www.cve.org

9.5 High

AI Score

Confidence

High

0.013 Low

EPSS

Percentile

86.0%

The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site.