Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20659
HistoryJun 25, 2011 - 12:00 a.m.

Mozilla Firefox/Thunderbird/SeaMonkey Array.reduceRight()远程代码执行漏洞

2011-06-2500:00:00
Root
www.seebug.org
38

0.957 High

EPSS

Percentile

99.4%

JSON

BUGTRAQ ID: 48372
CVE(CAN) ID: CVE-2011-2371

Firefox是一款非常流行的开源WEB浏览器。Thunderbird是一个邮件客户端,支持IMAP、POP邮件协议以及HTML邮件格式。SeaMonkey是开源的Web浏览器、邮件和新闻组客户端、IRC会话客户端和HTML编辑器。

Mozilla Firefox、Thunderbird和SeaMonkey在处理超长JavaScript数组的实现上存在远程代码执行漏洞,远程攻击者可利用这些漏洞执行任意代码,使受响应用程序崩溃,可能造成拒绝服务。

Mozilla Firefox 3.6.x
Mozilla Firefox 3.5.x
Mozilla Thunderbird 3.x
Mozilla Thunderbird 2.x
Mozilla SeaMonkey 2.x
厂商补丁:

Mozilla

Mozilla已经为此发布了一个安全公告(mfsa2011-22)以及相应补丁:

mfsa2011-22:Mozilla Foundation Security Advisory 2011-22

链接:http://www.mozilla.org/security/announce/2011/mfsa2011-22.html

Related

cve 1
canvas 1
exploitpack 2
fireeye 1
packetstorm 3
mozilla 1
seebug 2
checkpoint_advisories 1
openvas 56
cvelist 1
veracode 1
nvd 1
ubuntucve 1
prion 1
exploitdb 2
osv 3
debian 5
nessus 40
ubuntu 6
suse 4
redhat 3
centos 3
oraclelinux 3
securityvulns 1
gentoo 1
cve
cve
CVE-2011-2371
2011-06-30 16:55:05
canvas
canvas
Immunity Canvas: FIREFOX_ARRAY_REDUCERIGHT
2011-06-30 16:55:00
exploitpack
exploitpack
Mozilla Firefox 4.0.1 - Array.reduceRight() Remote Overflow
2012-02-27 00:00:00
Mozilla Firefox - Array.reduceRight() Integer Overflow (1)
2011-10-12 00:00:00
fireeye
fireeye
Using EMET to Disable EMET
2016-02-23 08:00:00
packetstorm
packetstorm
Mozilla Firefox Array.reduceRight() Integer Overflow
2011-10-14 00:00:00
Mozilla Firefox 4.0.1 Integer Overflow
2012-02-27 00:00:00
Mozilla Firefox Integer Overflow
2011-10-13 00:00:00
mozilla
mozilla
Integer overflow and arbitrary code execution in Array.reduceRight() — Mozilla
2011-06-21 00:00:00
seebug
seebug
Mozilla Firefox Array.reduceRight() Integer Overflow Exploit
2011-10-13 00:00:00
Mozilla Firefox Firefox 4.0.1 Array.reduceRight() Exploit
2014-07-01 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Multiple Products Array.reduceRight Integer Overflow (CVE-2011-2371)
2011-09-27 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2011-22) - Linux
2021-11-16 00:00:00
Mozilla Products Multiple Vulnerabilities July-11 (Windows) - 01
2011-07-07 00:00:00
Mozilla Products Multiple Vulnerabilities - 01 - (Jul 2011) - Windows
2011-07-07 00:00:00
cvelist
cvelist
CVE-2011-2371
2011-06-30 16:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:58:40
nvd
nvd
CVE-2011-2371
2011-06-30 16:55:05
ubuntucve
ubuntucve
CVE-2011-2371
2011-06-24 00:00:00
prion
prion
Integer overflow
2011-06-30 16:55:00
exploitdb
exploitdb
Mozilla Firefox - 'Array.reduceRight()' Integer Overflow (1)
2011-10-12 00:00:00
Mozilla Firefox 4.0.1 - 'Array.reduceRight()' Remote Overflow
2012-02-27 00:00:00
osv
osv
iceape - several
2011-07-01 00:00:00
iceweasel - several
2011-07-01 00:00:00
icedove - multiple issues
2011-07-06 00:00:00
debian
debian
[BSA-040] Security Update for iceweasel
2011-07-04 07:11:09
[SECURITY] [DSA 2268-1] iceweasel security update
2011-07-01 19:32:42
[SECURITY] [DSA 2269-1] iceape security update
2011-07-01 20:16:48
nessus
nessus
Debian DSA-2268-1 : iceweasel - several vulnerabilities
2011-07-05 00:00:00
Debian DSA-2273-1 : icedove - several vulnerabilities
2011-07-07 00:00:00
Debian DSA-2269-1 : iceape - several vulnerabilities
2011-07-05 00:00:00
ubuntu
ubuntu
mozvoikko, ubufox, webfav update
2011-06-22 00:00:00
Firefox vulnerabilities
2011-06-22 00:00:00
Firefox regression
2011-06-23 00:00:00
suse
suse
Security update for Mozilla Firefox (important)
2011-06-30 23:08:22
MozillaThunderbird: Update to Thunderbird 3.1.11 (important)
2011-06-30 21:08:16
remote code execution in MozillaFirefox,MozillaThunderbird
2011-07-05 17:43:33
redhat
redhat
(RHSA-2011:0887) Critical: thunderbird security update
2011-06-21 00:00:00
(RHSA-2011:0885) Critical: firefox security and bug fix update
2011-06-21 00:00:00
(RHSA-2011:0888) Critical: seamonkey security update
2011-06-21 00:00:00
centos
centos
firefox, xulrunner security update
2011-06-22 23:42:39
thunderbird security update
2011-06-22 23:49:49
seamonkey security update
2011-08-14 21:51:22
oraclelinux
oraclelinux
seamonkey security update
2011-06-21 00:00:00
thunderbird security update
2011-06-21 00:00:00
firefox security and bug fix update
2011-06-21 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-06-23 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

0.957 High

EPSS

Percentile

99.4%

JSON
Related for SSV:20659
cve1canvas1exploitpack2fireeye1packetstorm3mozilla1seebug2checkpoint_advisories1openvas56cvelist1veracode1nvd1ubuntucve1prion1exploitdb2osv3debian5nessus40ubuntu6suse4redhat3centos3oraclelinux3securityvulns1gentoo1