Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable801333.PRM
HistoryJun 21, 2011 - 12:00 a.m.

Mozilla Thunderbird 3.1.x < 3.1.11 Multiple Vulnerabilities

2011-06-2100:00:00
Tenable
www.tenable.com
13

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.957 High

EPSS

Percentile

99.4%

JSON

Versions of Thunderbird 3.1.x earlier than 3.1.11 are potentially affected by multiple vulnerabilities :

  • Multiple memory safety issues can lead to application crashes and possibly remote code execution. (CVE-2011-2374, CVE-2011-2376, CVE-2011-2364, CVE-2011-2365, CVE-2011-2605)

  • A use-after-free issue when viewing XUL documents with scripts disabled could lead to code execution. (CVE-2011-2373)

  • A memory corruption issue due to multipart/x-mixed-replace images could lead to memory corruption. (CVE-2011-2377)

  • When a JavaScript Array object has its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method is called could result in code execution due to an invalid index value being used. (CVE-2011-2371)

  • Multiple dangling pointer vulnerabilities could lead to code execution. (CVE-2011-0083, CVE-2011-2363, CVE-2011-0085)

  • An error in the way cookies are handled could lead to information disclosure. (CVE-2011-2362)

Binary data 801333.prm

References

Related

nessus 42
debian 5
openvas 66
suse 3
oraclelinux 4
redhat 4
centos 3
ubuntu 6
osv 3
securityvulns 2
mozilla 4
cve 8
ubuntucve 9
nvd 9
prion 9
cvelist 7
veracode 8
seebug 2
packetstorm 1
canvas 1
exploitpack 1
fireeye 1
zdi 1
nessus
nessus
Mozilla Thunderbird 3.1.x < 3.1.11 Multiple Vulnerabilities
2011-06-21 00:00:00
Mozilla Firefox 3.6.x < 3.6.18 Multiple Vulnerabilities
2011-06-21 00:00:00
Firefox 3.6 < 3.6.18 Multiple Vulnerabilities
2011-06-21 00:00:00
debian
debian
[BSA-038] Security Update for icedove
2011-07-01 17:25:25
[BSA-040] Security Update for iceweasel
2011-07-04 07:11:09
[SECURITY] [DSA 2268-1] iceweasel security update
2011-07-01 19:32:42
openvas
openvas
Ubuntu: Security Advisory (USN-1149-1)
2011-06-24 00:00:00
Debian: Security Advisory (DSA-2269-1)
2011-08-03 00:00:00
Debian: Security Advisory (DSA-2273-3)
2011-08-03 00:00:00
suse
suse
MozillaThunderbird: Update to Thunderbird 3.1.11 (important)
2011-06-30 21:08:16
Security update for Mozilla Firefox (important)
2011-06-30 23:08:22
remote code execution in MozillaFirefox,MozillaThunderbird
2011-07-05 17:43:33
oraclelinux
oraclelinux
seamonkey security update
2011-06-21 00:00:00
thunderbird security update
2011-06-21 00:00:00
firefox security and bug fix update
2011-06-21 00:00:00
redhat
redhat
(RHSA-2011:0888) Critical: seamonkey security update
2011-06-21 00:00:00
(RHSA-2011:0887) Critical: thunderbird security update
2011-06-21 00:00:00
(RHSA-2011:0885) Critical: firefox security and bug fix update
2011-06-21 00:00:00
centos
centos
seamonkey security update
2011-08-14 21:51:22
firefox, xulrunner security update
2011-06-22 23:42:39
thunderbird security update
2011-06-22 23:49:49
ubuntu
ubuntu
Firefox regression
2011-06-29 00:00:00
Firefox and Xulrunner vulnerabilities
2011-06-22 00:00:00
Thunderbird vulnerabilities
2011-07-15 00:00:00
osv
osv
icedove - multiple issues
2011-07-06 00:00:00
iceape - several
2011-07-01 00:00:00
iceweasel - several
2011-07-01 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-06-23 00:00:00
ZDI-11-223: Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability
2011-06-23 00:00:00
mozilla
mozilla
Miscellaneous memory safety hazards (rv:3.0/1.9.2.18) — Mozilla
2011-06-21 00:00:00
Multiple dangling pointer vulnerabilities — Mozilla
2011-06-21 00:00:00
Use-after-free vulnerability when viewing XUL document with script disabled — Mozilla
2011-06-21 00:00:00
cve
cve
CVE-2011-2605
2011-06-30 16:55:05
CVE-2011-2365
2011-06-30 16:55:05
CVE-2011-2364
2011-06-30 16:55:05
ubuntucve
ubuntucve
CVE-2011-2605
2011-06-30 00:00:00
CVE-2011-2364
2011-06-24 00:00:00
CVE-2011-2365
2011-06-24 00:00:00
nvd
nvd
CVE-2011-2605
2011-06-30 16:55:05
CVE-2011-2364
2011-06-30 16:55:05
CVE-2011-2365
2011-06-30 16:55:05
prion
prion
Memory corruption
2011-06-30 16:55:00
Crlf injection
2011-06-30 16:55:00
Memory corruption
2011-06-30 16:55:00
cvelist
cvelist
CVE-2011-2365
2011-06-30 16:00:00
CVE-2011-2364
2011-06-30 16:00:00
CVE-2011-2605
2011-06-30 16:00:00
veracode
veracode
CRLF Injection
2020-04-10 00:58:24
Denial Of Service (DoS)
2020-04-10 00:58:23
Arbitrary Code Execution
2020-04-10 00:58:20
seebug
seebug
Mozilla Firefox/Thunderbird/SeaMonkey Cookie跨域信息泄露漏洞
2011-06-25 00:00:00
Mozilla Firefox/Thunderbird内存破坏漏洞(CVE-2011-2374)
2011-06-25 00:00:00
packetstorm
packetstorm
Mozilla Firefox 4.0.1 Integer Overflow
2012-02-27 00:00:00
canvas
canvas
Immunity Canvas: FIREFOX_ARRAY_REDUCERIGHT
2011-06-30 16:55:00
exploitpack
exploitpack
Mozilla Firefox 4.0.1 - Array.reduceRight() Remote Overflow
2012-02-27 00:00:00
fireeye
fireeye
Using EMET to Disable EMET
2016-02-23 08:00:00
zdi
zdi
Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability
2011-06-21 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.957 High

EPSS

Percentile

99.4%

JSON
Related for 801333.PRM
nessus42debian5openvas66suse3oraclelinux4redhat4centos3ubuntu6osv3securityvulns2mozilla4cve8ubuntucve9nvd9prion9cvelist7veracode8seebug2packetstorm1canvas1exploitpack1fireeye1zdi1