Lucene search
Mozilla FoundationMFSA2011-46HistoryNov 08, 2011 - 12:00 a.m.
loadSubScript unwraps XPCNativeWrapper scope parameter (1.9.2 branch) — Mozilla
2011-11-0800:00:00
Mozilla Foundation
www.mozilla.org
10
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.008 Low
EPSS
Percentile
81.3%
Mozilla security researcher moz_bug_r_a4 reported that the problem described in MFSA 2011-43 and fixed in Firefox 7 also affected Firefox 3.6: a malicious page could potentially exploit a Firefox user who had installed an add-on that used loadSubscript in vulnerable ways.
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 3.6.24 | |
| thunderbird | lt | 3.1.16 |
Related
openvas
openvas
Mozilla Products Privilege Escalation Vulnerabily (MAC OS X)
2011-11-14 00:00:00
Mozilla Products Privilege Escalation Vulnerabily (Windows)
2011-11-11 00:00:00
Mozilla Products Privilege Escalation Vulnerability (MFSA2011-46) - Mac OS X
2011-11-14 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 01:06:23
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2011-46
2011-11-25 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-11-25 00:00:00
ubuntucve
ubuntucve
CVE-2011-3647
2011-11-09 00:00:00
cve
cve
CVE-2011-3647
2011-11-09 11:55:00
prion
prion
Design/Logic Flaw
2011-11-09 11:55:00
nessus
nessus
Mozilla Firefox < 3.6.24 Multiple Vulnerabilities
2016-06-24 00:00:00
Oracle Linux 4 / 5 / 6 : firefox (ELSA-2011-1437)
2013-07-12 00:00:00
osv
osv
iceape - several
2011-11-09 00:00:00
icedove - several
2011-11-11 00:00:00
iceweasel - several
2011-11-09 00:00:00
oraclelinux
oraclelinux
firefox security update
2011-11-09 00:00:00
thunderbird security update
2011-11-09 00:00:00
redhat
redhat
(RHSA-2011:1437) Critical: firefox security update
2011-11-08 00:00:00
(RHSA-2011:1439) Critical: thunderbird security update
2011-11-08 00:00:00
suse
suse
MozillaFirefox (critical)
2011-11-15 15:08:31
Security update for MozillaFirefox (critical)
2011-11-18 22:08:45
Security update for Mozilla Firefox (critical)
2011-11-17 23:08:23
debian
debian
[SECURITY] [DSA 2341-1] iceweasel security update
2011-11-09 17:00:08
[BSA-056] Security update for Iceweasel
2011-11-16 11:46:20
[SECURITY] [DSA 2342-1] iceape security update
2011-11-09 17:27:12
centos
centos
firefox, xulrunner security update
2011-11-09 20:48:22
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2011-11-10 00:00:00
Thunderbird vulnerabilities
2011-12-22 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2011-11-08 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.008 Low
EPSS
Percentile
81.3%
Related for MFSA2011-46