[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195549

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2011-3659Date: (C)2012-02-01   (M)2024-03-27


Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
MDVSA-2012:013
SUSE-SU-2012:0198
SUSE-SU-2012:0221
http://www.mozilla.org/security/announce/2012/mfsa2012-04.html
https://bugzilla.mozilla.org/show_bug.cgi?id=708198
openSUSE-SU-2012:0234
oval:org.mitre.oval:def:14697

CPE    353
cpe:/a:mozilla:firefox:1.5:beta2
cpe:/a:mozilla:firefox:1.5:beta1
cpe:/a:mozilla:firefox:3.6.20
cpe:/a:mozilla:firefox:3.6.21
...
CWE    1
CWE-399
OVAL    23
oval:org.secpod.oval:def:400383
oval:org.secpod.oval:def:700758
oval:org.secpod.oval:def:700753
oval:org.secpod.oval:def:700757
...

© SecPod Technologies