Lucene search

K

PRIOn knowledge basePRION:CVE-2011-3647

HistoryNov 09, 2011 - 11:55 a.m.

Design/Logic Flaw

2011-11-0911:55:00

PRIOn knowledge base

www.prio-n.com

5

6.8 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

80.9%

The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior, a related issue to CVE-2011-3004.

CPENameOperatorVersion
firefoxeq0.1
firefoxeq3.6.2
firefoxeq0.8
firefoxeq2.0.0.12
firefoxeq1.5 beta2
firefoxeq3.0.17
firefoxeq3.5.3
firefoxeq3.0.7
firefoxeq1.5.2
firefoxeq3.0.9

Rows per page:

1-10 of 2151

References

lists.opensuse.org/opensuse-security-announce/2011-11/msg00020.html

www.mozilla.org/security/announce/2011/mfsa2011-46.html

www.redhat.com/support/errata/RHSA-2011-1439.html

bugzilla.mozilla.org/show_bug.cgi?id=680880

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13550

6.8 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

80.9%

Related for PRION:CVE-2011-3647

cve2 ubuntucve2 nessus41 ubuntu3 openvas41 prion1 securityvulns4 mozilla2 veracode1 osv3 oraclelinux2 redhat2 suse6 debian4 centos1 freebsd2 gentoo1