9.3

CVE-2011-2981

The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox Version <= 3.6.19
MozillaFirefox Version1.0
MozillaFirefox Version1.0 Updatepreview_release
MozillaFirefox Version1.0.1
MozillaFirefox Version1.0.2
MozillaFirefox Version1.0.3
MozillaFirefox Version1.0.4
MozillaFirefox Version1.0.5
MozillaFirefox Version1.0.6
MozillaFirefox Version1.0.7
MozillaFirefox Version1.0.8
MozillaFirefox Version1.5
MozillaFirefox Version1.5 Updatebeta1
MozillaFirefox Version1.5 Updatebeta2
MozillaFirefox Version1.5.0.1
MozillaFirefox Version1.5.0.2
MozillaFirefox Version1.5.0.3
MozillaFirefox Version1.5.0.4
MozillaFirefox Version1.5.0.5
MozillaFirefox Version1.5.0.6
MozillaFirefox Version1.5.0.7
MozillaFirefox Version1.5.0.8
MozillaFirefox Version1.5.0.9
MozillaFirefox Version1.5.0.10
MozillaFirefox Version1.5.0.11
MozillaFirefox Version1.5.0.12
MozillaFirefox Version1.5.1
MozillaFirefox Version1.5.2
MozillaFirefox Version1.5.3
MozillaFirefox Version1.5.4
MozillaFirefox Version1.5.5
MozillaFirefox Version1.5.6
MozillaFirefox Version1.5.7
MozillaFirefox Version1.5.8
MozillaFirefox Version2.0
MozillaFirefox Version2.0.0.1
MozillaFirefox Version2.0.0.2
MozillaFirefox Version2.0.0.3
MozillaFirefox Version2.0.0.4
MozillaFirefox Version2.0.0.5
MozillaFirefox Version2.0.0.6
MozillaFirefox Version2.0.0.7
MozillaFirefox Version2.0.0.8
MozillaFirefox Version2.0.0.9
MozillaFirefox Version2.0.0.10
MozillaFirefox Version2.0.0.11
MozillaFirefox Version2.0.0.12
MozillaFirefox Version2.0.0.13
MozillaFirefox Version2.0.0.14
MozillaFirefox Version2.0.0.15
MozillaFirefox Version2.0.0.16
MozillaFirefox Version2.0.0.17
MozillaFirefox Version2.0.0.18
MozillaFirefox Version2.0.0.19
MozillaFirefox Version2.0.0.20
MozillaFirefox Version3.0
MozillaFirefox Version3.0.1
MozillaFirefox Version3.0.2
MozillaFirefox Version3.0.3
MozillaFirefox Version3.0.4
MozillaFirefox Version3.0.5
MozillaFirefox Version3.0.6
MozillaFirefox Version3.0.7
MozillaFirefox Version3.0.8
MozillaFirefox Version3.0.9
MozillaFirefox Version3.0.10
MozillaFirefox Version3.0.11
MozillaFirefox Version3.0.12
MozillaFirefox Version3.0.13
MozillaFirefox Version3.0.14
MozillaFirefox Version3.0.15
MozillaFirefox Version3.0.16
MozillaFirefox Version3.0.17
MozillaFirefox Version3.5
MozillaFirefox Version3.5.1
MozillaFirefox Version3.5.2
MozillaFirefox Version3.5.3
MozillaFirefox Version3.5.4
MozillaFirefox Version3.5.5
MozillaFirefox Version3.5.6
MozillaFirefox Version3.5.7
MozillaFirefox Version3.5.8
MozillaFirefox Version3.5.9
MozillaFirefox Version3.5.10
MozillaFirefox Version3.5.11
MozillaFirefox Version3.5.12
MozillaFirefox Version3.5.13
MozillaFirefox Version3.5.14
MozillaFirefox Version3.5.15
MozillaFirefox Version3.5.16
MozillaFirefox Version3.5.17
MozillaFirefox Version3.5.18
MozillaFirefox Version3.5.19
MozillaFirefox Version3.6
MozillaFirefox Version3.6.2
MozillaFirefox Version3.6.3
MozillaFirefox Version3.6.4
MozillaFirefox Version3.6.6
MozillaFirefox Version3.6.7
MozillaFirefox Version3.6.8
MozillaFirefox Version3.6.9
MozillaFirefox Version3.6.10
MozillaFirefox Version3.6.11
MozillaFirefox Version3.6.12
MozillaFirefox Version3.6.13
MozillaFirefox Version3.6.14
MozillaFirefox Version3.6.15
MozillaFirefox Version3.6.16
MozillaFirefox Version3.6.17
MozillaFirefox Version3.6.18
MozillaSeamonkey Version2.0
MozillaSeamonkey Version2.0 Updatealpha_1
MozillaSeamonkey Version2.0 Updatealpha_2
MozillaSeamonkey Version2.0 Updatealpha_3
MozillaSeamonkey Version2.0 Updatebeta_1
MozillaSeamonkey Version2.0 Updatebeta_2
MozillaSeamonkey Version2.0 Updaterc1
MozillaSeamonkey Version2.0 Updaterc2
MozillaSeamonkey Version2.0.1
MozillaSeamonkey Version2.0.2
MozillaSeamonkey Version2.0.3
MozillaSeamonkey Version2.0.4
MozillaSeamonkey Version2.0.5
MozillaSeamonkey Version2.0.6
MozillaSeamonkey Version2.0.7
MozillaSeamonkey Version2.0.8
MozillaSeamonkey Version2.0.9
MozillaSeamonkey Version2.0.10
MozillaSeamonkey Version2.0.11
MozillaSeamonkey Version2.0.12
MozillaSeamonkey Version2.0.13
MozillaSeamonkey Version2.0.14
MozillaSeamonkey Version2.1 Updatealpha1
MozillaSeamonkey Version2.1 Updatealpha2
MozillaSeamonkey Version2.1 Updatealpha3
MozillaThunderbird Version3.0
MozillaThunderbird Version3.0.1
MozillaThunderbird Version3.0.2
MozillaThunderbird Version3.0.3
MozillaThunderbird Version3.0.4
MozillaThunderbird Version3.0.5
MozillaThunderbird Version3.0.6
MozillaThunderbird Version3.0.7
MozillaThunderbird Version3.0.8
MozillaThunderbird Version3.0.9
MozillaThunderbird Version3.0.10
MozillaThunderbird Version3.0.11
MozillaThunderbird Version3.1
MozillaThunderbird Version3.1.1
MozillaThunderbird Version3.1.2
MozillaThunderbird Version3.1.3
MozillaThunderbird Version3.1.4
MozillaThunderbird Version3.1.5
MozillaThunderbird Version3.1.6
MozillaThunderbird Version3.1.7
MozillaThunderbird Version3.1.8
MozillaThunderbird Version3.1.9
MozillaThunderbird Version3.1.10
MozillaThunderbird Version3.1.11
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.24% 0.805
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00027.html
http://www.debian.org/security/2011/dsa-2295
http://www.debian.org/security/2011/dsa-2296
http://www.debian.org/security/2011/dsa-2297
http://www.mandriva.com/security/advisories?name=MDVSA-2011:127
http://www.mozilla.org/security/announce/2011/mfsa2011-30.html
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1164.html
Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=614151
https://bugzilla.mozilla.org/show_bug.cgi?id=643450
https://bugzilla.mozilla.org/show_bug.cgi?id=650252
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14512