Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2011 Greenbone AGOPENVAS:1361412562310802510
HistoryNov 11, 2011 - 12:00 a.m.

Mozilla Products Browser Engine Denial of Service Vulnerabilities - Windows

2011-11-1100:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
11

9.3 High

AI Score

Confidence

High

0.08 Low

EPSS

Percentile

94.3%

JSON

Mozilla Firefox/Thunderbird is prone to a denial of service (DoS) vulnerability.

# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.802510");
  script_version("2024-02-15T05:05:39+0000");
  script_cve_id("CVE-2011-3654", "CVE-2011-3652");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-02-15 05:05:39 +0000 (Thu, 15 Feb 2024)");
  script_tag(name:"creation_date", value:"2011-11-11 13:42:01 +0530 (Fri, 11 Nov 2011)");
  script_name("Mozilla Products Browser Engine Denial of Service Vulnerabilities - Windows");

  script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2011/mfsa2011-48.html");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50600");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50602");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2011 Greenbone AG");
  script_family("Denial of Service");
  script_dependencies("gb_firefox_detect_portable_win.nasl",
                      "gb_thunderbird_detect_portable_win.nasl");
  script_mandatory_keys("Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed");
  script_tag(name:"impact", value:"Successful exploitation will let attackers to cause a denial of service and
  execute arbitrary code via unspecified vectors.");
  script_tag(name:"affected", value:"Thunderbird version prior to 8.0
  Mozilla Firefox version prior to 8.0");
  script_tag(name:"insight", value:"The flaws are due to error in browser engine

  - Fails to properly handle links from SVG mpath elements to non-SVG elements.

  - Fails to properly allocate memory.");
  script_tag(name:"summary", value:"Mozilla Firefox/Thunderbird is prone to a denial of service (DoS) vulnerability.");
  script_tag(name:"solution", value:"Upgrade to Mozilla Firefox version 8.0 or later, Upgrade to Thunderbird version to 8.0 or later.");
  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("version_func.inc");


vers = get_kb_item("Firefox/Win/Ver");
if(vers)
{
  if(version_is_less(version:vers, test_version:"8.0"))
  {
     report = report_fixed_ver(installed_version:vers, fixed_version:"8.0");
     security_message(port: 0, data: report);
     exit(0);
  }
}

vers = get_kb_item("Thunderbird/Win/Ver");
if(vers)
{
  if(version_is_less(version:vers, test_version:"8.0")){
    report = report_fixed_ver(installed_version:vers, fixed_version:"8.0");
    security_message(port: 0, data: report);
  }
}

Related

openvas 16
securityvulns 2
mozilla 1
prion 2
cve 2
cvelist 2
ubuntucve 2
nessus 22
ubuntu 3
suse 3
freebsd 1
kitploit 1
gentoo 1
openvas
openvas
Mozilla Products Browser Engine Denial of Service Vulnerabilities (Windows)
2011-11-11 00:00:00
Mozilla Firefox Security Advisory (MFSA2011-48) - Linux
2021-11-11 00:00:00
Mozilla Products Multiple Vulnerabilities - Mac OS X
2011-11-14 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2011-48
2011-11-25 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-11-25 00:00:00
mozilla
mozilla
Miscellaneous memory safety hazards (rv:8.0) — Mozilla
2011-11-08 00:00:00
prion
prion
Memory corruption
2011-11-09 11:55:00
Memory corruption
2011-11-09 11:55:00
cve
cve
CVE-2011-3654
2011-11-09 11:55:00
CVE-2011-3652
2011-11-09 11:55:00
cvelist
cvelist
CVE-2011-3654
2011-11-09 11:00:00
CVE-2011-3652
2011-11-09 11:00:00
ubuntucve
ubuntucve
CVE-2011-3654
2011-11-09 00:00:00
CVE-2011-3652
2011-11-09 00:00:00
nessus
nessus
Ubuntu 11.10 : thunderbird vulnerabilities (USN-1282-1)
2011-11-29 00:00:00
Ubuntu 11.04 / 11.10 : firefox vulnerabilities (USN-1277-1)
2011-11-26 00:00:00
Oracle Solaris Third-Party Patch Update : thunderbird (multiple_vulnerabilities_in_thunderbird2)
2015-01-19 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2011-11-23 00:00:00
Mozvoikko and ubufox update
2011-11-23 00:00:00
Thunderbird vulnerabilities
2011-11-28 00:00:00
suse
suse
MozillaFirefox secuirty update (critical)
2011-11-15 15:08:39
Seamonkey update (critical)
2011-12-01 15:08:20
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
freebsd
freebsd
mozilla -- multiple vulnerabilities
2011-11-08 00:00:00
kitploit
kitploit
Radamsa - A General-Purpose Fuzzer
2024-03-25 11:30:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

9.3 High

AI Score

Confidence

High

0.08 Low

EPSS

Percentile

94.3%

JSON
Related for OPENVAS:1361412562310802510
openvas16securityvulns2mozilla1prion2cve2cvelist2ubuntucve2nessus22ubuntu3suse3freebsd1kitploit1gentoo1