Lucene search
Ubuntu.comUB:CVE-2011-2999HistorySep 28, 2011 - 12:00 a.m.
CVE-2011-2999
2011-09-2800:00:00
ubuntu.com
ubuntu.com
20
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.011 Low
EPSS
Percentile
84.1%
Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0,
and SeaMonkey before 2.3 do not properly handle “location” as the name of a
frame, which allows remote attackers to bypass the Same Origin Policy via a
crafted web site, a different vulnerability than CVE-2010-0170.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | firefox | < 3.6.23+build1+nobinonly-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 10.10 | noarch | firefox | < 3.6.23+build1+nobinonly-0ubuntu0.10.10.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | firefox | < 7.0.1+build1+nobinonly-0ubuntu0.11.04.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | thunderbird | < 3.1.15+build1+nobinonly-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 10.10 | noarch | thunderbird | < 3.1.15+build1+nobinonly-0ubuntu0.10.10.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | thunderbird | < 3.1.15+build1+nobinonly-0ubuntu0.11.04.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | xulrunner-1.9.2 | < 1.9.2.23+build1+nobinonly-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 10.10 | noarch | xulrunner-1.9.2 | < 1.9.2.23+build1+nobinonly-0ubuntu0.10.10.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | xulrunner-1.9.2 | < 1.9.2.27+build1+nobinonly-0ubuntu0.11.04.1 | UNKNOWN |
Related
prion
prion
Design/Logic Flaw
2011-09-29 00:55:00
Cross site scripting
2010-03-25 21:00:00
cve
cve
CVE-2011-2999
2011-09-29 00:55:00
CVE-2010-0170
2010-03-25 21:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-10
2010-04-06 00:00:00
Mozilla Foundation Security Advisory 2011-38
2011-10-01 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-10-01 00:00:00
ubuntucve
ubuntucve
CVE-2010-0170
2010-03-25 00:00:00
mozilla
mozilla
XSS via plugins and unprotected Location object — Mozilla
2010-03-23 00:00:00
XSS via plugins and shadowed window.location object — Mozilla
2011-09-27 00:00:00
seebug
seebug
Mozilla Firefox 3.6 window.location对象非授权数据访问漏洞
2010-03-24 00:00:00
openvas
openvas
Mozilla Products Same Origin Policy Bypass Vulnerability - Mac OS X
2011-10-14 00:00:00
Mozilla Products Same Origin Policy Bypass Vulnerability (Windows)
2011-10-04 00:00:00
Mozilla Products Same Origin Policy Bypass Vulnerability (MAC OS X)
2011-10-14 00:00:00
veracode
veracode
Same-Origin Policy Bypass
2020-04-10 01:02:43
centos
centos
seamonkey security update
2011-09-29 18:51:19
thunderbird security update
2011-09-29 04:34:00
firefox, xulrunner security update
2011-09-29 03:54:30
nessus
nessus
Scientific Linux Security Update : seamonkey on SL4.x i386/x86_64
2012-08-01 00:00:00
Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 4 : seamonkey (RHSA-2011:1344)
2011-09-29 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2011-09-28 00:00:00
seamonkey security update
2011-09-29 00:00:00
firefox security update
2011-09-28 00:00:00
redhat
redhat
(RHSA-2011:1344) Critical: seamonkey security update
2011-09-28 00:00:00
(RHSA-2011:1343) Critical: thunderbird security update
2011-09-28 00:00:00
(RHSA-2011:1341) Critical: firefox security update
2011-09-28 00:00:00
osv
osv
iceweasel - several
2011-09-29 00:00:00
icedove - several
2011-10-05 00:00:00
iceape - several
2011-09-29 00:00:00
debian
debian
[SECURITY] [DSA 2313-1] iceweasel security update
2011-09-29 20:48:08
[SECURITY] [DSA 2312-1] iceape security update
2011-09-29 16:30:08
[SECURITY] [DSA 2317-1] icedove security update
2011-10-05 20:36:17
suse
suse
MozillaFirefox: Update to Firefox 3.6.23 (important)
2011-09-29 16:08:17
Security update for Mozilla Firefox (important)
2011-10-06 00:08:31
mozilla-xulrunner192: Update to Mozilla XULRunner 1.9.2.23 (important)
2011-09-29 14:08:20
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2011-09-28 00:00:00
Thunderbird vulnerabilities
2011-09-28 00:00:00
Mozvoikko, ubufox, webfav update
2011-10-04 00:00:00
ibm
ibm
freebsd
freebsd
Mozilla -- multiple vulnerabilities
2011-09-27 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.011 Low
EPSS
Percentile
84.1%
Related for UB:CVE-2011-2999