Lucene search
RootSSV:23188HistoryNov 10, 2011 - 12:00 a.m.
Mozilla Firefox/Thunderbird NoWaiverWrapper权限提升漏洞(CVE-2011-3655)
2011-11-1000:00:00
Root
www.seebug.org
13
0.006 Low
EPSS
Percentile
77.0%
CVE ID: CVE-2011-3655
Firefox是一款非常流行的开源WEB浏览器。Thunderbird是一个邮件客户端,支持IMAP、POP邮件协议以及HTML邮件格式。
Mozilla Firefox 4.x至7.0、Thunderbird 5.0至7.0在实现上存在权限提升漏洞,由于没有验证NoWaiverWrapper包装程序的使用情况即访问控件,可允许远程攻击者通过特制的网站提升权限。
Mozilla Firefox 7.x
Mozilla Thunderbird 7.x
厂商补丁:
Mozilla
Mozilla已经为此发布了一个安全公告(2011-52)以及相应补丁:
2011-52:Mozilla Foundation Security Advisory 2011-52
链接:http://www.mozilla.org/security/announce/2011/mfsa2011-52.html
Related
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2011-52
2011-11-25 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-11-25 00:00:00
mozilla
mozilla
Code execution via NoWaiverWrapper — Mozilla
2011-11-08 00:00:00
cve
cve
CVE-2011-3655
2011-11-09 11:55:04
ubuntucve
ubuntucve
CVE-2011-3655
2011-11-09 00:00:00
prion
prion
Design/Logic Flaw
2011-11-09 11:55:00
openvas
openvas
cvelist
cvelist
CVE-2011-3655
2011-11-09 11:00:00
nessus
nessus
openSUSE Security Update : seamonkey (openSUSE-2011-34)
2014-06-13 00:00:00
Oracle Solaris Third-Party Patch Update : thunderbird (multiple_vulnerabilities_in_thunderbird2)
2015-01-19 00:00:00
Ubuntu 11.04 / 11.10 : firefox vulnerabilities (USN-1277-1)
2011-11-26 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2011-11-28 00:00:00
Firefox vulnerabilities
2011-11-23 00:00:00
Mozvoikko and ubufox update
2011-11-23 00:00:00
suse
suse
MozillaFirefox secuirty update (critical)
2011-11-15 15:08:39
Security update for Mozilla Firefox (critical)
2011-11-17 23:08:23
Security update for mozilla-nss (critical)
2011-11-18 22:08:26
freebsd
freebsd
mozilla -- multiple vulnerabilities
2011-11-08 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00