CVE-2011-0992

2011-04-1321:55:00

CWE-399

[email protected]

web.nvd.nist.gov

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

AI Score

7.3

Confidence

High

EPSS

0.023

Percentile

89.7%

JSON

Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service (plugin crash) or obtain sensitive information via vectors related to member data in a resurrected MonoThread instance.

Affected configurations

Nvd

Node

monomono

novellmoonlightMatch2.0

novellmoonlightMatch2.3.0

novellmoonlightMatch2.4

novellmoonlightMatch2.31

novellmoonlightMatch3.0

novellmoonlightMatch3.99

VendorProductVersionCPE
monomono*cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*
novellmoonlight2.0cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*
novellmoonlight2.3.0cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*
novellmoonlight2.4cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*
novellmoonlight2.31cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*
novellmoonlight3.0cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*
novellmoonlight3.99cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mono	mono	*	cpe:2.3:a:mono:mono::::::::
novell	moonlight	2.0	cpe:2.3:a:novell:moonlight:2.0:::::::*
novell	moonlight	2.3.0	cpe:2.3:a:novell:moonlight:2.3.0:::::::*
novell	moonlight	2.4	cpe:2.3:a:novell:moonlight:2.4:::::::*
novell	moonlight	2.31	cpe:2.3:a:novell:moonlight:2.31:::::::*
novell	moonlight	3.0	cpe:2.3:a:novell:moonlight:3.0:::::::*
novell	moonlight	3.99	cpe:2.3:a:novell:moonlight:3.99:::::::*