Lucene search

K

PRIOn knowledge basePRION:CVE-2011-0059

HistoryMar 02, 2011 - 8:00 p.m.

Cross site request forgery (csrf)

2011-03-0220:00:00

PRIOn knowledge base

www.prio-n.com

6

7.5 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

71.7%

Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site.

CPENameOperatorVersion
firefoxeq3.6.2
firefoxeq3.6.3
firefoxeq3.6.11
firefoxeq3.6.8
firefoxeq3.6.9
firefoxeq3.6.12
firefoxeq3.6.6
firefoxeq3.6.10
firefoxeq3.6.7
firefoxeq3.6.4

Rows per page:

1-10 of 1571

References

downloads.avaya.com/css/P8/documents/100133195

support.avaya.com/css/P8/documents/100128655

www.mandriva.com/security/advisories?name=MDVSA-2011:041

www.mozilla.org/security/announce/2011/mfsa2011-10.html

www.redhat.com/support/errata/RHSA-2011-0313.html

www.securityfocus.com/bid/46652

bugzilla.mozilla.org/show_bug.cgi?id=573873

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14473

7.5 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

71.7%

Related for PRION:CVE-2011-0059

securityvulns2 mozilla1 veracode1 ubuntucve1 cve1 nessus36 openvas28 redhat2 oraclelinux2 centos2 osv3 debian4 ubuntu3 freebsd1 suse1 gentoo1