Lucene search

K
ubuntucveUbuntu.comUB:CVE-2011-3001
HistorySep 30, 2011 - 12:00 a.m.

CVE-2011-3001

2011-09-3000:00:00
ubuntu.com
ubuntu.com
17

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.01

Percentile

83.6%

Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before
2.4 do not prevent manual add-on installation in response to the holding of
the Enter key, which allows user-assisted remote attackers to bypass
intended access restrictions via a crafted web site that triggers an
unspecified internal error.

OSVersionArchitecturePackageVersionFilename
ubuntu11.04noarchfirefox< 7.0.1+build1+nobinonly-0ubuntu0.11.04.1UNKNOWN

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.01

Percentile

83.6%