Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-2605
HistoryJun 30, 2011 - 12:00 a.m.

CVE-2011-2605

2011-06-3000:00:00
ubuntu.com
ubuntu.com
22

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.398

Percentile

97.3%

JSON

CRLF injection vulnerability in the
nsCookieService::SetCookieStringInternal function in
netwerk/cookie/nsCookieService.cpp in Mozilla Firefox before 3.6.18 and 4.x
through 4.0.1, and Thunderbird before 3.1.11, allows remote attackers to
bypass intended access restrictions via a string containing a \n (newline)
character, which is not properly handled in a JavaScript β€œdocument.cookie
=” expression, a different vulnerability than CVE-2011-2374.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchfirefox<Β 3.6.23+build1+nobinonly-0ubuntu0.10.04.1UNKNOWN
ubuntu10.10noarchfirefox<Β 3.6.23+build1+nobinonly-0ubuntu0.10.10.1UNKNOWN
ubuntu11.04noarchfirefox<Β 7.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN
ubuntu10.04noarchthunderbird<Β 3.1.15+build1+nobinonly-0ubuntu0.10.04.1UNKNOWN
ubuntu10.10noarchthunderbird<Β 3.1.15+build1+nobinonly-0ubuntu0.10.10.1UNKNOWN
ubuntu11.04noarchthunderbird<Β 3.1.15+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN

Related

prion 2
cvelist 2
nvd 2
cve 2
openvas 59
veracode 2
ubuntucve 1
seebug 1
nessus 44
oraclelinux 4
redhat 4
mozilla 1
centos 3
osv 5
debian 5
ubuntu 6
suse 4
securityvulns 1
gentoo 1
prion
prion
Crlf injection
2011-06-30 16:55:00
Memory corruption
2011-06-30 16:55:00
cvelist
cvelist
CVE-2011-2605
2011-06-30 16:00:00
CVE-2011-2374
2011-06-30 16:00:00
nvd
nvd
CVE-2011-2605
2011-06-30 16:55:05
CVE-2011-2374
2011-06-30 16:55:05
cve
cve
CVE-2011-2605
2011-06-30 16:55:05
CVE-2011-2374
2011-06-30 16:55:05
openvas
openvas
Mozilla Products Multiple Vulnerabilities - 02 - (Jul 2011) - Windows
2011-07-07 00:00:00
Mozilla Products Multiple Vulnerabilities July-11 (Windows) - 02
2011-07-07 00:00:00
Debian: Security Advisory (DSA-2273-3)
2011-08-03 00:00:00
veracode
veracode
CRLF Injection
2020-04-10 00:58:24
Arbitrary Code Execution
2020-04-10 00:58:22
ubuntucve
ubuntucve
CVE-2011-2374
2011-06-24 00:00:00
seebug
seebug
Mozilla Firefox/Thunderbirdε†…ε­˜η ΄εζΌζ΄ž(CVE-2011-2374)
2011-06-25 00:00:00
nessus
nessus
Mozilla Firefox > 4.0 and < 5.0 Multiple Vulnerabilities
2011-06-21 00:00:00
Oracle Linux 6 : thunderbird (ELSA-2011-0886)
2013-07-12 00:00:00
Mozilla Firefox 3.6.x < 3.6.18 Multiple Vulnerabilities
2011-06-21 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2011-06-21 00:00:00
thunderbird security update
2011-06-21 00:00:00
firefox security and bug fix update
2011-06-21 00:00:00
redhat
redhat
(RHSA-2011:0886) Critical: thunderbird security update
2011-06-21 00:00:00
(RHSA-2011:0885) Critical: firefox security and bug fix update
2011-06-21 00:00:00
(RHSA-2011:0887) Critical: thunderbird security update
2011-06-21 00:00:00
mozilla
mozilla
Miscellaneous memory safety hazards (rv:3.0/1.9.2.18) β€” Mozilla
2011-06-21 00:00:00
centos
centos
thunderbird security update
2011-06-22 23:49:49
firefox, xulrunner security update
2011-06-22 23:42:39
seamonkey security update
2011-08-14 21:51:22
osv
osv
icedove - multiple issues
2011-07-06 00:00:00
iceape - several
2011-07-01 00:00:00
iceweasel - several
2011-07-01 00:00:00
debian
debian
[BSA-040] Security Update for iceweasel
2011-07-04 07:11:09
[SECURITY] [DSA 2273-1] icedove security update
2011-07-06 18:34:07
[SECURITY] [DSA 2269-1] iceape security update
2011-07-01 20:16:48
ubuntu
ubuntu
Firefox regression
2011-06-23 00:00:00
Firefox vulnerabilities
2011-06-22 00:00:00
mozvoikko, ubufox, webfav update
2011-06-22 00:00:00
suse
suse
MozillaThunderbird: Update to Thunderbird 3.1.11 (important)
2011-06-30 21:08:16
Security update for Mozilla Firefox (important)
2011-06-30 23:08:22
remote code execution in MozillaFirefox,MozillaThunderbird
2011-07-05 17:43:33
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-06-23 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.398

Percentile

97.3%

JSON
Related for UB:CVE-2011-2605
prion2cvelist2nvd2cve2openvas59veracode2ubuntucve1seebug1nessus44oraclelinux4redhat4mozilla1centos3osv5debian5ubuntu6suse4securityvulns1gentoo1