10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.965 High
EPSS
Percentile
99.5%
Added: 07/27/2011
CVE: CVE-2011-0073
BID: 47663
OSVDB: 72087
Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS.
Mozilla Firefox and SeaMonkey are prone to a remote code execution vulnerability caused by accessing previously freed memory.
For Firefox 3.6, upgrade to version 3.6.17 or later. For Firefox 3.5, upgrade to 3.5.19 or later. For SeaMonkey, upgrade to 2.0.14 or later.
<http://www.mozilla.org/security/announce/2011/mfsa2011-13.html>
<https://bugzilla.mozilla.org/show_bug.cgi?id=630919>
This exploit has been tested against Mozilla Foundation Firefox 3.6.16 running on Microsoft Windows XP SP3 English (DEP OptIn) with KB959426 updated and “kernel32.dll” version 5.1.2600.5781.
Windows