Lucene search

K
prionPRIOn knowledge basePRION:CVE-2011-3658
HistoryDec 21, 2011 - 4:02 a.m.

Out-of-bounds

2011-12-2104:02:00
PRIOn knowledge base
www.prio-n.com
8

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.955 High

EPSS

Percentile

99.4%

The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.

CPENameOperatorVersion
firefoxeq8.0
seamonkeyeq2.5
thunderbirdeq8.0

References

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.955 High

EPSS

Percentile

99.4%