Lucene search
HistoryJun 30, 2011 - 4:55 p.m.
CVE-2011-0083
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.1
Percentile
94.9%
Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback.
Affected configurations
Node
mozillaseamonkeyMatch1.0
ORmozillaseamonkeyMatch1.0alpha
ORmozillaseamonkeyMatch1.0beta
ORmozillaseamonkeyMatch1.0.1
ORmozillaseamonkeyMatch1.0.2
ORmozillaseamonkeyMatch1.0.3
ORmozillaseamonkeyMatch1.0.4
ORmozillaseamonkeyMatch1.0.5
ORmozillaseamonkeyMatch1.0.6
ORmozillaseamonkeyMatch1.0.7
ORmozillaseamonkeyMatch1.0.8
ORmozillaseamonkeyMatch1.0.9
ORmozillaseamonkeyMatch1.1
ORmozillaseamonkeyMatch1.1alpha
ORmozillaseamonkeyMatch1.1beta
ORmozillaseamonkeyMatch1.1.1
ORmozillaseamonkeyMatch1.1.2
ORmozillaseamonkeyMatch1.1.3
ORmozillaseamonkeyMatch1.1.4
ORmozillaseamonkeyMatch1.1.5
ORmozillaseamonkeyMatch1.1.6
ORmozillaseamonkeyMatch1.1.7
ORmozillaseamonkeyMatch1.1.8
ORmozillaseamonkeyMatch1.1.9
ORmozillaseamonkeyMatch1.1.10
ORmozillaseamonkeyMatch1.1.11
ORmozillaseamonkeyMatch1.1.12
ORmozillaseamonkeyMatch1.1.13
ORmozillaseamonkeyMatch1.1.14
ORmozillaseamonkeyMatch1.1.15
ORmozillaseamonkeyMatch1.1.16
ORmozillaseamonkeyMatch1.1.17
ORmozillaseamonkeyMatch1.1.18
ORmozillaseamonkeyMatch1.1.19
ORmozillaseamonkeyMatch1.5.0.8
ORmozillaseamonkeyMatch1.5.0.9
ORmozillaseamonkeyMatch1.5.0.10
ORmozillaseamonkeyMatch2.0
ORmozillaseamonkeyMatch2.0alpha_1
ORmozillaseamonkeyMatch2.0alpha_2
ORmozillaseamonkeyMatch2.0alpha_3
ORmozillaseamonkeyMatch2.0beta_1
ORmozillaseamonkeyMatch2.0beta_2
ORmozillaseamonkeyMatch2.0rc1
ORmozillaseamonkeyMatch2.0rc2
ORmozillaseamonkeyMatch2.0.1
ORmozillaseamonkeyMatch2.0.2
ORmozillaseamonkeyMatch2.0.3
ORmozillaseamonkeyMatch2.0.4
ORmozillaseamonkeyMatch2.0.5
ORmozillaseamonkeyMatch2.0.6
ORmozillaseamonkeyMatch2.0.7
ORmozillaseamonkeyMatch2.0.8
ORmozillaseamonkeyMatch2.0.9
ORmozillaseamonkeyMatch2.0.10
ORmozillaseamonkeyMatch2.0.11
ORmozillaseamonkeyMatch2.0.12
ORmozillaseamonkeyMatch2.0.13
ORmozillaseamonkeyMatch2.0.14
Node
mozillafirefoxRange≤3.6.17
ORmozillafirefoxMatch1.0
ORmozillafirefoxMatch1.0preview_release
ORmozillafirefoxMatch1.0.1
ORmozillafirefoxMatch1.0.2
ORmozillafirefoxMatch1.0.3
ORmozillafirefoxMatch1.0.4
ORmozillafirefoxMatch1.0.5
ORmozillafirefoxMatch1.0.6
ORmozillafirefoxMatch1.0.7
ORmozillafirefoxMatch1.0.8
ORmozillafirefoxMatch1.5
ORmozillafirefoxMatch1.5beta1
ORmozillafirefoxMatch1.5beta2
ORmozillafirefoxMatch1.5.0.1
ORmozillafirefoxMatch1.5.0.2
ORmozillafirefoxMatch1.5.0.3
ORmozillafirefoxMatch1.5.0.4
ORmozillafirefoxMatch1.5.0.5
ORmozillafirefoxMatch1.5.0.6
ORmozillafirefoxMatch1.5.0.7
ORmozillafirefoxMatch1.5.0.8
ORmozillafirefoxMatch1.5.0.9
ORmozillafirefoxMatch1.5.0.10
ORmozillafirefoxMatch1.5.0.11
ORmozillafirefoxMatch1.5.0.12
ORmozillafirefoxMatch1.5.1
ORmozillafirefoxMatch1.5.2
ORmozillafirefoxMatch1.5.3
ORmozillafirefoxMatch1.5.4
ORmozillafirefoxMatch1.5.5
ORmozillafirefoxMatch1.5.6
ORmozillafirefoxMatch1.5.7
ORmozillafirefoxMatch1.5.8
ORmozillafirefoxMatch2.0
ORmozillafirefoxMatch2.0.0.1
ORmozillafirefoxMatch2.0.0.2
ORmozillafirefoxMatch2.0.0.3
ORmozillafirefoxMatch2.0.0.4
ORmozillafirefoxMatch2.0.0.5
ORmozillafirefoxMatch2.0.0.6
ORmozillafirefoxMatch2.0.0.7
ORmozillafirefoxMatch2.0.0.8
ORmozillafirefoxMatch2.0.0.9
ORmozillafirefoxMatch2.0.0.10
ORmozillafirefoxMatch2.0.0.11
ORmozillafirefoxMatch2.0.0.12
ORmozillafirefoxMatch2.0.0.13
ORmozillafirefoxMatch2.0.0.14
ORmozillafirefoxMatch2.0.0.15
ORmozillafirefoxMatch2.0.0.16
ORmozillafirefoxMatch2.0.0.17
ORmozillafirefoxMatch2.0.0.18
ORmozillafirefoxMatch2.0.0.19
ORmozillafirefoxMatch2.0.0.20
ORmozillafirefoxMatch3.0
ORmozillafirefoxMatch3.0.1
ORmozillafirefoxMatch3.0.2
ORmozillafirefoxMatch3.0.3
ORmozillafirefoxMatch3.0.4
ORmozillafirefoxMatch3.0.5
ORmozillafirefoxMatch3.0.6
ORmozillafirefoxMatch3.0.7
ORmozillafirefoxMatch3.0.8
ORmozillafirefoxMatch3.0.9
ORmozillafirefoxMatch3.0.10
ORmozillafirefoxMatch3.0.11
ORmozillafirefoxMatch3.0.12
ORmozillafirefoxMatch3.0.13
ORmozillafirefoxMatch3.0.14
ORmozillafirefoxMatch3.0.15
ORmozillafirefoxMatch3.0.16
ORmozillafirefoxMatch3.0.17
ORmozillafirefoxMatch3.5
ORmozillafirefoxMatch3.5.1
ORmozillafirefoxMatch3.5.2
ORmozillafirefoxMatch3.5.3
ORmozillafirefoxMatch3.5.4
ORmozillafirefoxMatch3.5.5
ORmozillafirefoxMatch3.5.6
ORmozillafirefoxMatch3.5.7
ORmozillafirefoxMatch3.5.8
ORmozillafirefoxMatch3.5.9
ORmozillafirefoxMatch3.5.10
ORmozillafirefoxMatch3.5.11
ORmozillafirefoxMatch3.5.12
ORmozillafirefoxMatch3.5.13
ORmozillafirefoxMatch3.5.14
ORmozillafirefoxMatch3.5.15
ORmozillafirefoxMatch3.5.16
ORmozillafirefoxMatch3.5.17
ORmozillafirefoxMatch3.5.18
ORmozillafirefoxMatch3.5.19
ORmozillafirefoxMatch3.6
ORmozillafirefoxMatch3.6.2
ORmozillafirefoxMatch3.6.3
ORmozillafirefoxMatch3.6.4
ORmozillafirefoxMatch3.6.6
ORmozillafirefoxMatch3.6.7
ORmozillafirefoxMatch3.6.8
ORmozillafirefoxMatch3.6.9
ORmozillafirefoxMatch3.6.10
ORmozillafirefoxMatch3.6.11
ORmozillafirefoxMatch3.6.12
ORmozillafirefoxMatch3.6.13
ORmozillafirefoxMatch3.6.14
ORmozillafirefoxMatch3.6.15
ORmozillafirefoxMatch3.6.16
Node
mozillathunderbirdRange≤3.1.10
ORmozillathunderbirdMatch0.1
ORmozillathunderbirdMatch0.2
ORmozillathunderbirdMatch0.3
ORmozillathunderbirdMatch0.4
ORmozillathunderbirdMatch0.5
ORmozillathunderbirdMatch0.6
ORmozillathunderbirdMatch0.7
ORmozillathunderbirdMatch0.7.1
ORmozillathunderbirdMatch0.7.2
ORmozillathunderbirdMatch0.7.3
ORmozillathunderbirdMatch0.8
ORmozillathunderbirdMatch0.9
ORmozillathunderbirdMatch1.0
ORmozillathunderbirdMatch1.0.1
ORmozillathunderbirdMatch1.0.2
ORmozillathunderbirdMatch1.0.3
ORmozillathunderbirdMatch1.0.4
ORmozillathunderbirdMatch1.0.5
ORmozillathunderbirdMatch1.0.6
ORmozillathunderbirdMatch1.0.7
ORmozillathunderbirdMatch1.0.8
ORmozillathunderbirdMatch1.5
ORmozillathunderbirdMatch1.5beta2
ORmozillathunderbirdMatch1.5.0.1
ORmozillathunderbirdMatch1.5.0.2
ORmozillathunderbirdMatch1.5.0.3
ORmozillathunderbirdMatch1.5.0.4
ORmozillathunderbirdMatch1.5.0.5
ORmozillathunderbirdMatch1.5.0.6
ORmozillathunderbirdMatch1.5.0.7
ORmozillathunderbirdMatch1.5.0.8
ORmozillathunderbirdMatch1.5.0.9
ORmozillathunderbirdMatch1.5.0.10
ORmozillathunderbirdMatch1.5.0.11
ORmozillathunderbirdMatch1.5.0.12
ORmozillathunderbirdMatch1.5.0.13
ORmozillathunderbirdMatch1.5.0.14
ORmozillathunderbirdMatch1.5.1
ORmozillathunderbirdMatch1.5.2
ORmozillathunderbirdMatch1.7.1
ORmozillathunderbirdMatch1.7.3
ORmozillathunderbirdMatch2.0
ORmozillathunderbirdMatch2.0.0.0
ORmozillathunderbirdMatch2.0.0.1
ORmozillathunderbirdMatch2.0.0.2
ORmozillathunderbirdMatch2.0.0.3
ORmozillathunderbirdMatch2.0.0.4
ORmozillathunderbirdMatch2.0.0.5
ORmozillathunderbirdMatch2.0.0.6
ORmozillathunderbirdMatch2.0.0.7
ORmozillathunderbirdMatch2.0.0.8
ORmozillathunderbirdMatch2.0.0.9
ORmozillathunderbirdMatch2.0.0.12
ORmozillathunderbirdMatch2.0.0.14
ORmozillathunderbirdMatch2.0.0.16
ORmozillathunderbirdMatch2.0.0.17
ORmozillathunderbirdMatch2.0.0.18
ORmozillathunderbirdMatch2.0.0.19
ORmozillathunderbirdMatch2.0.0.21
ORmozillathunderbirdMatch2.0.0.22
ORmozillathunderbirdMatch2.0.0.23
ORmozillathunderbirdMatch3.0
ORmozillathunderbirdMatch3.0.1
ORmozillathunderbirdMatch3.0.2
ORmozillathunderbirdMatch3.0.3
ORmozillathunderbirdMatch3.0.4
ORmozillathunderbirdMatch3.0.5
ORmozillathunderbirdMatch3.0.6
ORmozillathunderbirdMatch3.0.7
ORmozillathunderbirdMatch3.0.8
ORmozillathunderbirdMatch3.0.9
ORmozillathunderbirdMatch3.0.10
ORmozillathunderbirdMatch3.0.11
ORmozillathunderbirdMatch3.1
ORmozillathunderbirdMatch3.1.1
ORmozillathunderbirdMatch3.1.2
ORmozillathunderbirdMatch3.1.3
ORmozillathunderbirdMatch3.1.4
ORmozillathunderbirdMatch3.1.5
ORmozillathunderbirdMatch3.1.6
ORmozillathunderbirdMatch3.1.7
ORmozillathunderbirdMatch3.1.8
ORmozillathunderbirdMatch3.1.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | seamonkey | 1.0 | cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:* |
| mozilla | seamonkey | 1.0 | cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:* |
| mozilla | seamonkey | 1.0 | cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:* |
| mozilla | seamonkey | 1.0.1 | cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:* |
| mozilla | seamonkey | 1.0.2 | cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:* |
| mozilla | seamonkey | 1.0.3 | cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:* |
| mozilla | seamonkey | 1.0.4 | cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:* |
| mozilla | seamonkey | 1.0.5 | cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:* |
| mozilla | seamonkey | 1.0.6 | cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:* |
| mozilla | seamonkey | 1.0.7 | cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:* |
References
lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.html
secunia.com/advisories/45002
support.avaya.com/css/P8/documents/100144854
support.avaya.com/css/P8/documents/100145333
www.debian.org/security/2011/dsa-2268
www.debian.org/security/2011/dsa-2269
www.debian.org/security/2011/dsa-2273
www.mandriva.com/security/advisories?name=MDVSA-2011:111
www.mozilla.org/security/announce/2011/mfsa2011-23.html
www.redhat.com/support/errata/RHSA-2011-0885.html
www.redhat.com/support/errata/RHSA-2011-0886.html
www.redhat.com/support/errata/RHSA-2011-0887.html
www.redhat.com/support/errata/RHSA-2011-0888.html
www.ubuntu.com/usn/USN-1149-1
bugzilla.mozilla.org/show_bug.cgi?id=648090
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13543
Related
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:58:19
securityvulns
securityvulns
cvelist
cvelist
CVE-2011-0083
2011-06-30 16:00:00
cve
cve
CVE-2011-0083
2011-06-30 16:55:04
ubuntucve
ubuntucve
CVE-2011-0083
2011-06-24 00:00:00
prion
prion
Design/Logic Flaw
2011-06-30 16:55:00
zdi
zdi
mozilla
mozilla
Multiple dangling pointer vulnerabilities — Mozilla
2011-06-21 00:00:00
openvas
openvas
Mozilla Products Multiple Vulnerabilities (Jul 2011) - Windows
2011-07-07 00:00:00
Mozilla Products Multiple Vulnerabilities July-11 (Windows)
2011-07-07 00:00:00
Debian Security Advisory DSA 2268-1 (iceweasel)
2011-08-03 00:00:00
osv
osv
iceape - several
2011-07-01 00:00:00
iceweasel - several
2011-07-01 00:00:00
icedove - multiple issues
2011-07-06 00:00:00
debian
debian
[BSA-040] Security Update for iceweasel
2011-07-04 07:11:09
[SECURITY] [DSA 2268-1] iceweasel security update
2011-07-01 19:32:42
[SECURITY] [DSA 2269-1] iceape security update
2011-07-01 20:16:48
nessus
nessus
Debian DSA-2268-1 : iceweasel - several vulnerabilities
2011-07-05 00:00:00
Debian DSA-2273-1 : icedove - several vulnerabilities
2011-07-07 00:00:00
Debian DSA-2269-1 : iceape - several vulnerabilities
2011-07-05 00:00:00
suse
suse
MozillaThunderbird: Update to Thunderbird 3.1.11 (important)
2011-06-30 21:08:16
Security update for Mozilla Firefox (important)
2011-06-30 23:08:22
remote code execution in MozillaFirefox,MozillaThunderbird
2011-07-05 17:43:33
ubuntu
ubuntu
Firefox regression
2011-06-29 00:00:00
Thunderbird vulnerabilities
2011-07-15 00:00:00
Firefox and Xulrunner vulnerabilities
2011-06-22 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2011-06-21 00:00:00
firefox security and bug fix update
2011-06-21 00:00:00
thunderbird security update
2011-06-21 00:00:00
redhat
redhat
(RHSA-2011:0886) Critical: thunderbird security update
2011-06-21 00:00:00
(RHSA-2011:0887) Critical: thunderbird security update
2011-06-21 00:00:00
(RHSA-2011:0885) Critical: firefox security and bug fix update
2011-06-21 00:00:00
centos
centos
thunderbird security update
2011-06-22 23:49:49
firefox, xulrunner security update
2011-06-22 23:42:39
seamonkey security update
2011-08-14 21:51:22
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.1
Percentile
94.9%
Related for NVD:CVE-2011-0083