Lucene search

[email protected]NVD:CVE-2011-3005

HistorySep 29, 2011 - 12:55 a.m.

CVE-2011-3005

2011-09-2900:55:01

CWE-119

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.052 Low

EPSS

Percentile

93.1%

JSON

Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file.

Affected configurations

NVD

Node

mozillafirefoxMatch4.0

mozillafirefoxMatch4.0beta1

mozillafirefoxMatch4.0beta10

mozillafirefoxMatch4.0beta11

mozillafirefoxMatch4.0beta12

mozillafirefoxMatch4.0beta2

mozillafirefoxMatch4.0beta3

mozillafirefoxMatch4.0beta4

mozillafirefoxMatch4.0beta5

mozillafirefoxMatch4.0beta6

mozillafirefoxMatch4.0beta7

mozillafirefoxMatch4.0beta8

mozillafirefoxMatch4.0beta9

mozillafirefoxMatch4.0.1

mozillafirefoxMatch5.0

mozillafirefoxMatch6.0

Node

mozillathunderbirdRange≤6.0.2

mozillathunderbirdMatch0.1

mozillathunderbirdMatch0.2

mozillathunderbirdMatch0.3

mozillathunderbirdMatch0.4

mozillathunderbirdMatch0.5

mozillathunderbirdMatch0.6

mozillathunderbirdMatch0.7

mozillathunderbirdMatch0.7.1

mozillathunderbirdMatch0.7.2

mozillathunderbirdMatch0.7.3

mozillathunderbirdMatch0.8

mozillathunderbirdMatch0.9

mozillathunderbirdMatch1.0

mozillathunderbirdMatch1.0.1

mozillathunderbirdMatch1.0.2

mozillathunderbirdMatch1.0.3

mozillathunderbirdMatch1.0.4

mozillathunderbirdMatch1.0.5

mozillathunderbirdMatch1.0.5beta

mozillathunderbirdMatch1.0.6

mozillathunderbirdMatch1.0.7

mozillathunderbirdMatch1.0.8

mozillathunderbirdMatch1.5

mozillathunderbirdMatch1.5beta2

mozillathunderbirdMatch1.5.0.1

mozillathunderbirdMatch1.5.0.2

mozillathunderbirdMatch1.5.0.3

mozillathunderbirdMatch1.5.0.4

mozillathunderbirdMatch1.5.0.5

mozillathunderbirdMatch1.5.0.6

mozillathunderbirdMatch1.5.0.7

mozillathunderbirdMatch1.5.0.8

mozillathunderbirdMatch1.5.0.9

mozillathunderbirdMatch1.5.0.10

mozillathunderbirdMatch1.5.0.11

mozillathunderbirdMatch1.5.0.12

mozillathunderbirdMatch1.5.0.13

mozillathunderbirdMatch1.5.0.14

mozillathunderbirdMatch1.5.1

mozillathunderbirdMatch1.5.2

mozillathunderbirdMatch1.7.1

mozillathunderbirdMatch1.7.3

mozillathunderbirdMatch2.0

mozillathunderbirdMatch2.0.0.0

mozillathunderbirdMatch2.0.0.1

mozillathunderbirdMatch2.0.0.2

mozillathunderbirdMatch2.0.0.3

mozillathunderbirdMatch2.0.0.4

mozillathunderbirdMatch2.0.0.5

mozillathunderbirdMatch2.0.0.6

mozillathunderbirdMatch2.0.0.7

mozillathunderbirdMatch2.0.0.8

mozillathunderbirdMatch2.0.0.9

mozillathunderbirdMatch2.0.0.11

mozillathunderbirdMatch2.0.0.12

mozillathunderbirdMatch2.0.0.13

mozillathunderbirdMatch2.0.0.14

mozillathunderbirdMatch2.0.0.15

mozillathunderbirdMatch2.0.0.16

mozillathunderbirdMatch2.0.0.17

mozillathunderbirdMatch2.0.0.18

mozillathunderbirdMatch2.0.0.19

mozillathunderbirdMatch2.0.0.20

mozillathunderbirdMatch2.0.0.21

mozillathunderbirdMatch2.0.0.22

mozillathunderbirdMatch2.0.0.23

mozillathunderbirdMatch2.0_.4

mozillathunderbirdMatch2.0_.5

mozillathunderbirdMatch2.0_.6

mozillathunderbirdMatch2.0_.9

mozillathunderbirdMatch2.0_.12

mozillathunderbirdMatch2.0_.13

mozillathunderbirdMatch2.0_.14

mozillathunderbirdMatch2.0_8

mozillathunderbirdMatch3.0

mozillathunderbirdMatch3.0.1

mozillathunderbirdMatch3.0.2

mozillathunderbirdMatch3.0.3

mozillathunderbirdMatch3.0.4

mozillathunderbirdMatch3.0.5

mozillathunderbirdMatch3.0.6

mozillathunderbirdMatch3.0.7

mozillathunderbirdMatch3.0.8

mozillathunderbirdMatch3.0.9

mozillathunderbirdMatch3.0.10

mozillathunderbirdMatch3.0.11

mozillathunderbirdMatch3.1

mozillathunderbirdMatch3.1.1

mozillathunderbirdMatch3.1.2

mozillathunderbirdMatch3.1.3

mozillathunderbirdMatch3.1.4

mozillathunderbirdMatch3.1.5

mozillathunderbirdMatch3.1.6

mozillathunderbirdMatch3.1.7

mozillathunderbirdMatch3.1.8

mozillathunderbirdMatch3.1.9

mozillathunderbirdMatch3.1.10

mozillathunderbirdMatch3.1.11

mozillathunderbirdMatch5.0

Node

mozillaseamonkeyRange≤2.3.3

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0alpha

mozillaseamonkeyMatch1.0beta

mozillaseamonkeyMatch1.0dev

mozillaseamonkeyMatch1.0alpha

mozillaseamonkeyMatch1.0beta

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.4

mozillaseamonkeyMatch1.0.5

mozillaseamonkeyMatch1.0.6

mozillaseamonkeyMatch1.0.7

mozillaseamonkeyMatch1.0.8

mozillaseamonkeyMatch1.0.9

mozillaseamonkeyMatch1.0.99

mozillaseamonkeyMatch1.1

mozillaseamonkeyMatch1.1alpha

mozillaseamonkeyMatch1.1beta

mozillaseamonkeyMatch1.1.1

mozillaseamonkeyMatch1.1.2

mozillaseamonkeyMatch1.1.3

mozillaseamonkeyMatch1.1.4

mozillaseamonkeyMatch1.1.5

mozillaseamonkeyMatch1.1.51.1.10

mozillaseamonkeyMatch1.1.6

mozillaseamonkeyMatch1.1.7

mozillaseamonkeyMatch1.1.8

mozillaseamonkeyMatch1.1.9

mozillaseamonkeyMatch1.1.10

mozillaseamonkeyMatch1.1.11

mozillaseamonkeyMatch1.1.12

mozillaseamonkeyMatch1.1.13

mozillaseamonkeyMatch1.1.14

mozillaseamonkeyMatch1.1.15

mozillaseamonkeyMatch1.1.16

mozillaseamonkeyMatch1.1.17

mozillaseamonkeyMatch1.1.18

mozillaseamonkeyMatch1.1.19

mozillaseamonkeyMatch1.5.0.8

mozillaseamonkeyMatch1.5.0.9

mozillaseamonkeyMatch1.5.0.10

mozillaseamonkeyMatch2.0

mozillaseamonkeyMatch2.0alpha_1

mozillaseamonkeyMatch2.0alpha_2

mozillaseamonkeyMatch2.0alpha_3

mozillaseamonkeyMatch2.0beta_1

mozillaseamonkeyMatch2.0beta_2

mozillaseamonkeyMatch2.0rc1

mozillaseamonkeyMatch2.0rc2

mozillaseamonkeyMatch2.0.1

mozillaseamonkeyMatch2.0.2

mozillaseamonkeyMatch2.0.3

mozillaseamonkeyMatch2.0.4

mozillaseamonkeyMatch2.0.5

mozillaseamonkeyMatch2.0.6

mozillaseamonkeyMatch2.0.7

mozillaseamonkeyMatch2.0.8

mozillaseamonkeyMatch2.0.9

mozillaseamonkeyMatch2.0.10

mozillaseamonkeyMatch2.0.11

mozillaseamonkeyMatch2.0.12

mozillaseamonkeyMatch2.0.13

mozillaseamonkeyMatch2.0.14

mozillaseamonkeyMatch2.0a1pre

mozillaseamonkeyMatch2.1alpha1

mozillaseamonkeyMatch2.1alpha2

mozillaseamonkeyMatch2.1alpha3

References

lists.opensuse.org/opensuse-updates/2011-10/msg00002.html

secunia.com/advisories/46315

secunia.com/advisories/49055

www.mandriva.com/security/advisories?name=MDVSA-2011:141

www.mandriva.com/security/advisories?name=MDVSA-2011:142

www.mozilla.org/security/announce/2011/mfsa2011-44.html

bugzilla.mozilla.org/show_bug.cgi?id=675747

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14352

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.052 Low

EPSS

Percentile

93.1%

JSON

Related for NVD:CVE-2011-3005

cve1 prion1 cvelist1 ubuntucve1 openvas13 mozilla1 securityvulns2 nessus24 suse3 ubuntu2 freebsd1 gentoo1