Lucene search
Ubuntu.comUB:CVE-2011-3670HistoryFeb 01, 2012 - 12:00 a.m.
CVE-2011-3670
2012-02-0100:00:00
ubuntu.com
ubuntu.com
6
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.005 Low
EPSS
Percentile
76.4%
Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before
3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly
enforce the IPv6 literal address syntax, which allows remote attackers to
obtain sensitive information by making XMLHttpRequest calls through a proxy
and reading the error messages.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | thunderbird | < 3.1.18+build2+nobinonly-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 10.10 | noarch | thunderbird | < 3.1.18+build2+nobinonly-0ubuntu0.10.10.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | thunderbird | < 3.1.18+build2+nobinonly-0ubuntu0.11.04.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | xulrunner-1.9.2 | < 1.9.2.26+build2+nobinonly-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 10.10 | noarch | xulrunner-1.9.2 | < 1.9.2.26+build2+nobinonly-0ubuntu0.10.10.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | xulrunner-1.9.2 | < 1.9.2.27+build1+nobinonly-0ubuntu0.11.04.1 | UNKNOWN |
References
Related
veracode
veracode
Information Disclosure
2020-04-10 01:07:18
mozilla
mozilla
Overly permissive IPv6 literal syntax — Mozilla
2012-01-31 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2012-02
2012-02-03 00:00:00
Mozilla Foundation Security Advisory 2012-02
2012-02-03 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-02-03 00:00:00
cve
cve
CVE-2011-3670
2012-02-01 16:55:00
prion
prion
Information disclosure
2012-02-01 16:55:00
openvas
openvas
nessus
nessus
Scientific Linux Security Update : seamonkey on SL4.x i386/x86_64 (20120201)
2012-08-01 00:00:00
Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64 (20120201)
2012-08-01 00:00:00
RHEL 4 / 5 : thunderbird (RHSA-2012:0085)
2012-02-02 00:00:00
redhat
redhat
(RHSA-2012:0084) Critical: seamonkey security update
2012-02-01 00:00:00
(RHSA-2012:0085) Critical: thunderbird security update
2012-02-01 00:00:00
(RHSA-2012:0080) Critical: thunderbird security update
2012-01-31 00:00:00
centos
centos
thunderbird security update
2012-02-01 12:31:49
seamonkey security update
2012-02-01 12:34:44
thunderbird security update
2012-02-01 11:56:07
oraclelinux
oraclelinux
thunderbird security update
2012-02-01 00:00:00
seamonkey security update
2012-02-01 00:00:00
thunderbird security update
2012-01-31 00:00:00
debian
debian
[SECURITY] [DSA 2406-1] icedove security update
2012-02-09 12:08:16
[SECURITY] [DSA 2402-1] iceape security update
2012-02-02 20:12:08
[SECURITY] [DSA 2400-1] iceweasel security update
2012-02-02 20:09:11
osv
osv
iceape - several
2012-02-02 00:00:00
icedove - several
2012-02-09 00:00:00
iceweasel - several
2012-02-02 00:00:00
suse
suse
Security update for Mozilla XULrunner (important)
2012-02-09 19:07:25
Security update for Mozilla Firefox (important)
2012-02-09 19:10:22
MozillaFirefox: Version 10 (important)
2012-02-09 19:10:49
ubuntu
ubuntu
Thunderbird vulnerabilities
2012-02-08 00:00:00
Xulrunnner vulnerabilities
2012-02-08 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-01-31 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.005 Low
EPSS
Percentile
76.4%
Related for UB:CVE-2011-3670