Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable5964.PRM
HistoryJun 21, 2011 - 12:00 a.m.

Mozilla Firefox 3.6.x < 3.6.18 Multiple Vulnerabilities

2011-06-2100:00:00
Tenable
www.tenable.com
10

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.548 Medium

EPSS

Percentile

97.7%

JSON

Versions of Firefox 3.6.x earlier than 3.6.18 are potentially affected by multiple vulnerabilities :

  • Multiple memory safety issues can lead to application crashes and possibly remote code execution. (CVE-2011-2374, CVE-2011-2376, CVE-2011-2364, CVE-2011-2365, CVE-2011-2605)
  • A use-after-free issue when viewing XUL documents with scripts disabled could lead to code execution. (CVE-2011-2373)
  • A memory corruption issue due to multipart/x-mixed-replace images could lead to memory corruption. (CVE-2011-2377)
  • When a JavaScript Array object has its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method is called could result in code execution due to an invalid index value being used. (CVE-211-2371)
  • Multiple dangling pointer vulnerabilities could lead to code execution. (CVE-2011-0083, CVE-2011-2363, CVE-2011-0085)
  • An error in the way cookies are handled could lead to information disclosure. (CVE-2011-2362)
Binary data 5964.prm
VendorProductVersionCPE
mozillafirefoxcpe:/a:mozilla:firefox

References

Related

nessus 38
openvas 62
oraclelinux 4
redhat 4
centos 3
ubuntu 3
debian 5
suse 3
osv 3
securityvulns 3
mozilla 4
prion 10
cvelist 10
cve 11
ubuntucve 11
nvd 10
veracode 10
seebug 2
zdi 3
nessus
nessus
Mozilla Firefox 3.6.x < 3.6.18 Multiple Vulnerabilities
2011-06-21 00:00:00
Mozilla Thunderbird 3.1.x < 3.1.11 Multiple Vulnerabilities
2011-06-21 00:00:00
SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7596)
2011-12-13 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2011-0886)
2015-10-06 00:00:00
Ubuntu: Security Advisory (USN-1149-1)
2011-06-24 00:00:00
Debian: Security Advisory (DSA-2268-1)
2011-08-03 00:00:00
oraclelinux
oraclelinux
seamonkey security update
2011-06-21 00:00:00
thunderbird security update
2011-06-21 00:00:00
firefox security and bug fix update
2011-06-21 00:00:00
redhat
redhat
(RHSA-2011:0888) Critical: seamonkey security update
2011-06-21 00:00:00
(RHSA-2011:0886) Critical: thunderbird security update
2011-06-21 00:00:00
(RHSA-2011:0885) Critical: firefox security and bug fix update
2011-06-21 00:00:00
centos
centos
seamonkey security update
2011-08-14 21:51:22
firefox, xulrunner security update
2011-06-22 23:42:39
thunderbird security update
2011-06-22 23:49:49
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2011-06-22 00:00:00
Thunderbird vulnerabilities
2011-07-15 00:00:00
Firefox regression
2011-06-29 00:00:00
debian
debian
[BSA-038] Security Update for icedove
2011-07-01 17:25:25
[BSA-040] Security Update for iceweasel
2011-07-04 07:11:09
[SECURITY] [DSA 2273-1] icedove security update
2011-07-06 18:34:07
suse
suse
Security update for Mozilla Firefox (important)
2011-06-30 23:08:22
MozillaThunderbird: Update to Thunderbird 3.1.11 (important)
2011-06-30 21:08:16
remote code execution in MozillaFirefox,MozillaThunderbird
2011-07-05 17:43:33
osv
osv
icedove - multiple issues
2011-07-06 00:00:00
iceape - several
2011-07-01 00:00:00
iceweasel - several
2011-07-01 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-06-23 00:00:00
ZDI-11-223: Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability
2011-06-23 00:00:00
ZDI-11-224: Mozilla Firefox SVGPointList.appendItem Remote Code Execution Vulnerability
2011-06-23 00:00:00
mozilla
mozilla
Miscellaneous memory safety hazards (rv:3.0/1.9.2.18) — Mozilla
2011-06-21 00:00:00
Multiple dangling pointer vulnerabilities — Mozilla
2011-06-21 00:00:00
Memory corruption due to multipart/x-mixed-replace images — Mozilla
2011-06-21 00:00:00
prion
prion
Memory corruption
2011-06-30 16:55:00
Crlf injection
2011-06-30 16:55:00
Memory corruption
2011-06-30 16:55:00
cvelist
cvelist
CVE-2011-2605
2011-06-30 16:00:00
CVE-2011-2364
2011-06-30 16:00:00
CVE-2011-2365
2011-06-30 16:00:00
cve
cve
CVE-2011-2605
2011-06-30 16:55:05
CVE-2011-2365
2011-06-30 16:55:05
CVE-2011-2364
2011-06-30 16:55:05
ubuntucve
ubuntucve
CVE-2011-2605
2011-06-30 00:00:00
CVE-2011-2365
2011-06-24 00:00:00
CVE-2011-2364
2011-06-24 00:00:00
nvd
nvd
CVE-2011-2605
2011-06-30 16:55:05
CVE-2011-2365
2011-06-30 16:55:05
CVE-2011-2364
2011-06-30 16:55:05
veracode
veracode
CRLF Injection
2020-04-10 00:58:24
Denial Of Service (DoS)
2020-04-10 00:58:23
Arbitrary Code Execution
2020-04-10 00:58:20
seebug
seebug
Mozilla Firefox/Thunderbird内存破坏漏洞(CVE-2011-2374)
2011-06-25 00:00:00
Mozilla Firefox/Thunderbird/SeaMonkey Cookie跨域信息泄露漏洞
2011-06-25 00:00:00
zdi
zdi
Mozilla Firefox SVGPointList.appendItem Remote Code Execution Vulnerability
2011-06-21 00:00:00
Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability
2011-06-21 00:00:00
Mozilla Firefox nsXULCommandDispatcher Remote Code Execution Vulnerability
2011-06-21 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.548 Medium

EPSS

Percentile

97.7%

JSON
Related for 5964.PRM
nessus38openvas62oraclelinux4redhat4centos3ubuntu3debian5suse3osv3securityvulns3mozilla4prion10cvelist10cve11ubuntucve11nvd10veracode10seebug2zdi3