Lucene search
Mozilla FoundationMFSA2011-55HistoryDec 20, 2011 - 12:00 a.m.
nsSVGValue out-of-bounds access — Mozilla
2011-12-2000:00:00
Mozilla Foundation
www.mozilla.org
23
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.955 High
EPSS
Percentile
99.4%
Security researcher regenrecht reported via TippingPoint’s Zero Day Initiative that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler.
Affected configurations
Node
mozillafirefoxRange<3.6.28
ORmozillafirefoxRange<9
ORmozillaseamonkeyRange<2.6
ORmozillathunderbirdRange<9
Related
canvas
canvas
Immunity Canvas: FIREFOX_NSSVGVALUE
2011-12-21 04:02:00
saint
saint
checkpoint_advisories
checkpoint_advisories
cve
cve
CVE-2011-3658
2011-12-21 04:02:00
packetstorm
packetstorm
Mozilla Firefox 7 / 8 Out-Of-Bounds Access
2012-05-08 00:00:00
openvas
openvas
Mozilla Products DOMAttrModified Memory Corruption Vulnerability (Windows)
2011-12-22 00:00:00
Mozilla Products DOMAttrModified Memory Corruption Vulnerability (MAC OS X)
2011-12-22 00:00:00
Mozilla Products DOMAttrModified Memory Corruption Vulnerability - Mac OS X
2011-12-22 00:00:00
seebug
seebug
Mozilla Firefox/Thunderbird/SeaMonkey越界内存破坏漏洞
2011-12-21 00:00:00
nvd
nvd
CVE-2011-3658
2011-12-21 04:02:00
prion
prion
Out-of-bounds
2011-12-21 04:02:00
cvelist
cvelist
CVE-2011-3658
2011-12-21 02:00:00
ubuntucve
ubuntucve
CVE-2011-3658
2011-12-20 00:00:00
zdi
zdi
nessus
nessus
Ubuntu 11.04 / 11.10 : firefox vulnerabilities (USN-1306-1)
2012-01-09 00:00:00
Mandriva Linux Security Advisory : mozilla (MDVSA-2011:192)
2012-09-06 00:00:00
openSUSE Security Update : seamonkey (openSUSE-SU-2012:0007-1)
2014-06-13 00:00:00
suse
suse
seamonkey (important)
2012-01-05 12:35:43
seamonkey (important)
2012-01-05 12:08:18
MozillaFirefox (important)
2012-02-09 19:09:53
ubuntu
ubuntu
Firefox vulnerabilities
2012-01-06 00:00:00
Mozvoikko and ubufox update
2012-01-06 00:00:00
Thunderbird vulnerabilities
2012-01-24 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2011-12-20 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-01-02 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.955 High
EPSS
Percentile
99.4%
Related for MFSA2011-55