Lucene search
PRIOn knowledge basePRION:CVE-2011-1712HistoryApr 15, 2011 - 8:55 p.m.
Design/Logic Flaw
2011-04-1520:55:00
PRIOn knowledge base
www.prio-n.com
6
The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
References
www.mozilla.org/security/announce/2011/mfsa2011-18.html
bugzilla.mozilla.org/show_bug.cgi?id=640339
exchange.xforce.ibmcloud.com/vulnerabilities/66836
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14467
scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html
Related
cve
cve
CVE-2011-1712
2011-04-15 20:55:00
cvelist
cvelist
CVE-2011-1712
2011-04-15 20:00:00
openvas
openvas
Mozilla Firefox Information Disclosure Vulnerability (Windows)
2011-04-22 00:00:00
Mozilla Firefox Information Disclosure Vulnerability - Windows
2011-04-22 00:00:00
Gentoo Security Advisory GLSA 201301-01
2015-09-29 00:00:00
nvd
nvd
CVE-2011-1712
2011-04-15 20:55:00
ubuntucve
ubuntucve
CVE-2011-1712
2011-04-15 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
nessus
nessus
GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
2013-01-08 00:00:00