Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:B770CDCC7046091805FBAF873B328EBE
HistoryJul 27, 2011 - 12:00 a.m.

Mozilla Firefox nsTreeRange Use After Free

2011-07-2700:00:00
SAINT Corporation
www.saintcorporation.com
34

0.965 High

EPSS

Percentile

99.5%

JSON

Added: 07/27/2011
CVE: CVE-2011-0073
BID: 47663
OSVDB: 72087

Background

Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS.

Problem

Mozilla Firefox and SeaMonkey are prone to a remote code execution vulnerability caused by accessing previously freed memory.

Resolution

For Firefox 3.6, upgrade to version 3.6.17 or later. For Firefox 3.5, upgrade to 3.5.19 or later. For SeaMonkey, upgrade to 2.0.14 or later.

References

<http://www.mozilla.org/security/announce/2011/mfsa2011-13.html&gt;
<https://bugzilla.mozilla.org/show_bug.cgi?id=630919&gt;

Limitations

This exploit has been tested against Mozilla Foundation Firefox 3.6.16 running on Microsoft Windows XP SP3 English (DEP OptIn) with KB959426 updated and “kernel32.dll” version 5.1.2600.5781.

Platforms

Windows

Related

checkpoint_advisories 2
saint 3
cve 1
prion 1
packetstorm 1
zdi 1
ubuntucve 1
veracode 1
securityvulns 2
mozilla 1
openvas 57
nessus 42
centos 3
redhat 4
oraclelinux 4
debian 4
osv 3
ubuntu 5
suse 1
gentoo 1
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox nsTreeRange Use After Free (CVE-2011-0073)
2011-11-01 00:00:00
Mozilla Firefox nsTreeRange Use After Free - Ver2 (CVE-2011-0073)
2015-03-26 00:00:00
saint
saint
Mozilla Firefox nsTreeRange Use After Free
2011-07-27 00:00:00
Mozilla Firefox nsTreeRange Use After Free
2011-07-27 00:00:00
Mozilla Firefox nsTreeRange Use After Free
2011-07-27 00:00:00
cve
cve
CVE-2011-0073
2011-05-07 18:55:00
prion
prion
Null pointer dereference
2011-05-07 18:55:00
packetstorm
packetstorm
Mozilla Firefox "nsTreeRange" Dangling Pointer Vulnerability
2011-07-11 00:00:00
zdi
zdi
Mozilla Firefox nsTreeRange Dangling Pointer Remote Code Execution Vulnerability
2011-05-09 00:00:00
ubuntucve
ubuntucve
CVE-2011-0073
2011-05-04 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2020-04-10 00:56:31
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2011-13
2011-05-01 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-05-11 00:00:00
mozilla
mozilla
Multiple dangling pointer vulnerabilities — Mozilla
2011-04-28 00:00:00
openvas
openvas
Mozilla Products Multiple Vulnerabilities (May 2011) - Windows
2011-05-18 00:00:00
Mozilla Products Multiple Vulnerabilities May-11 (Windows)
2011-05-18 00:00:00
CentOS Update for thunderbird CESA-2011:0474 centos5 i386
2011-08-09 00:00:00
nessus
nessus
CentOS 4 / 5 : thunderbird (CESA-2011:0474)
2011-05-02 00:00:00
RHEL 4 / 5 : thunderbird (RHSA-2011:0474)
2011-04-29 00:00:00
Oracle Linux 4 : thunderbird (ELSA-2011-0474)
2013-07-12 00:00:00
centos
centos
thunderbird security update
2011-04-29 15:49:06
seamonkey security update
2011-04-29 20:53:41
firefox, xulrunner security update
2011-04-29 15:48:25
redhat
redhat
(RHSA-2011:0474) Critical: thunderbird security update
2011-04-28 00:00:00
(RHSA-2011:0473) Critical: seamonkey security update
2011-04-28 00:00:00
(RHSA-2011:0475) Critical: thunderbird security update
2011-04-28 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2011-04-29 00:00:00
seamonkey security update
2011-04-29 00:00:00
thunderbird security update
2011-04-29 00:00:00
debian
debian
[SECURITY] [DSA 2227-1] iceape security update
2011-04-30 14:52:24
[BSA-034] Security Update for iceweasel
2011-05-03 06:36:14
[SECURITY] [DSA 2235-1] icedove security update
2011-05-10 19:59:51
osv
osv
iceape - several
2011-04-30 00:00:00
iceweasel - several
2011-05-01 00:00:00
icedove - several
2011-05-10 00:00:00
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2011-04-29 00:00:00
Thunderbird vulnerabilities
2011-05-05 00:00:00
Thunderbird regression
2011-06-06 00:00:00
suse
suse
remote code execution, remote denial of service in MozillaFirefox,seamonkey,MozillaThunderbird
2011-05-05 17:46:39
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

0.965 High

EPSS

Percentile

99.5%

JSON
Related for SAINT:B770CDCC7046091805FBAF873B328EBE
checkpoint_advisories2saint3cve1prion1packetstorm1zdi1ubuntucve1veracode1securityvulns2mozilla1openvas57nessus42centos3redhat4oraclelinux4debian4osv3ubuntu5suse1gentoo1