Lucene search
Mozilla FoundationMFSA2011-20HistoryJun 21, 2011 - 12:00 a.m.
Use-after-free vulnerability when viewing XUL document with script disabled — Mozilla
2011-06-2100:00:00
Mozilla Foundation
www.mozilla.org
26
7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.107 Low
EPSS
Percentile
95.1%
Security researcher Martin Barbella reported that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. This flaw could potentially be used by an attacker to crash a victim’s browser and run arbitrary code on their computer.
Affected configurations
Node
mozillafirefoxRange<3.6.18
ORmozillafirefoxRange<5
ORmozillaseamonkeyRange<2.2
ORmozillathunderbirdRange<3.1.11
Related
ubuntucve
ubuntucve
CVE-2011-2373
2011-06-24 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:58:41
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2011-20) - Linux
2021-11-16 00:00:00
Mozilla Products Multiple Vulnerabilities - 01 - (Jul 2011) - Windows
2011-07-07 00:00:00
Mozilla Products Multiple Vulnerabilities July-11 (Windows) - 01
2011-07-07 00:00:00
cvelist
cvelist
CVE-2011-2373
2011-06-30 16:00:00
cve
cve
CVE-2011-2373
2011-06-30 16:55:05
prion
prion
Design/Logic Flaw
2011-06-30 16:55:00
nvd
nvd
CVE-2011-2373
2011-06-30 16:55:05
osv
osv
icedove - multiple issues
2011-07-06 00:00:00
iceape - several
2011-07-01 00:00:00
iceweasel - several
2011-07-01 00:00:00
debian
debian
[BSA-040] Security Update for iceweasel
2011-07-04 07:11:09
[SECURITY] [DSA 2269-1] iceape security update
2011-07-01 20:16:48
[SECURITY] [DSA 2268-1] iceweasel security update
2011-07-01 19:32:42
nessus
nessus
Debian DSA-2269-1 : iceape - several vulnerabilities
2011-07-05 00:00:00
Debian DSA-2268-1 : iceweasel - several vulnerabilities
2011-07-05 00:00:00
Debian DSA-2273-1 : icedove - several vulnerabilities
2011-07-07 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2011-06-22 00:00:00
Firefox regression
2011-06-23 00:00:00
mozvoikko, ubufox, webfav update
2011-06-22 00:00:00
suse
suse
MozillaThunderbird: Update to Thunderbird 3.1.11 (important)
2011-06-30 21:08:16
Security update for Mozilla Firefox (important)
2011-06-30 23:08:22
remote code execution in MozillaFirefox,MozillaThunderbird
2011-07-05 17:43:33
redhat
redhat
(RHSA-2011:0887) Critical: thunderbird security update
2011-06-21 00:00:00
(RHSA-2011:0888) Critical: seamonkey security update
2011-06-21 00:00:00
(RHSA-2011:0885) Critical: firefox security and bug fix update
2011-06-21 00:00:00
centos
centos
firefox, xulrunner security update
2011-06-22 23:42:39
thunderbird security update
2011-06-22 23:49:49
seamonkey security update
2011-08-14 21:51:22
oraclelinux
oraclelinux
seamonkey security update
2011-06-21 00:00:00
thunderbird security update
2011-06-21 00:00:00
firefox security and bug fix update
2011-06-21 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-06-23 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.107 Low
EPSS
Percentile
95.1%
Related for MFSA2011-20