CVE-2011-2981

EPSS 1.28%
Veröffentlicht 18.08.2011 18:55:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 15

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version <= 3.6.19

Mozilla ≫ Firefox Version1.0

Mozilla ≫ Firefox Version1.0 Updatepreview_release

Mozilla ≫ Firefox Version1.0.1

Mozilla ≫ Firefox Version1.0.2

Mozilla ≫ Firefox Version1.0.3

Mozilla ≫ Firefox Version1.0.4

Mozilla ≫ Firefox Version1.0.5

Mozilla ≫ Firefox Version1.0.6

Mozilla ≫ Firefox Version1.0.7

Mozilla ≫ Firefox Version1.0.8

Mozilla ≫ Firefox Version1.5

Mozilla ≫ Firefox Version1.5 Updatebeta1

Mozilla ≫ Firefox Version1.5 Updatebeta2

Mozilla ≫ Firefox Version1.5.0.1

Mozilla ≫ Firefox Version1.5.0.2

Mozilla ≫ Firefox Version1.5.0.3

Mozilla ≫ Firefox Version1.5.0.4

Mozilla ≫ Firefox Version1.5.0.5

Mozilla ≫ Firefox Version1.5.0.6

Mozilla ≫ Firefox Version1.5.0.7

Mozilla ≫ Firefox Version1.5.0.8

Mozilla ≫ Firefox Version1.5.0.9

Mozilla ≫ Firefox Version1.5.0.10

Mozilla ≫ Firefox Version1.5.0.11

Mozilla ≫ Firefox Version1.5.0.12

Mozilla ≫ Firefox Version1.5.1

Mozilla ≫ Firefox Version1.5.2

Mozilla ≫ Firefox Version1.5.3

Mozilla ≫ Firefox Version1.5.4

Mozilla ≫ Firefox Version1.5.5

Mozilla ≫ Firefox Version1.5.6

Mozilla ≫ Firefox Version1.5.7

Mozilla ≫ Firefox Version1.5.8

Mozilla ≫ Firefox Version2.0

Mozilla ≫ Firefox Version2.0.0.1

Mozilla ≫ Firefox Version2.0.0.2

Mozilla ≫ Firefox Version2.0.0.3

Mozilla ≫ Firefox Version2.0.0.4

Mozilla ≫ Firefox Version2.0.0.5

Mozilla ≫ Firefox Version2.0.0.6

Mozilla ≫ Firefox Version2.0.0.7

Mozilla ≫ Firefox Version2.0.0.8

Mozilla ≫ Firefox Version2.0.0.9

Mozilla ≫ Firefox Version2.0.0.10

Mozilla ≫ Firefox Version2.0.0.11

Mozilla ≫ Firefox Version2.0.0.12

Mozilla ≫ Firefox Version2.0.0.13

Mozilla ≫ Firefox Version2.0.0.14

Mozilla ≫ Firefox Version2.0.0.15

Mozilla ≫ Firefox Version2.0.0.16

Mozilla ≫ Firefox Version2.0.0.17

Mozilla ≫ Firefox Version2.0.0.18

Mozilla ≫ Firefox Version2.0.0.19

Mozilla ≫ Firefox Version2.0.0.20

Mozilla ≫ Firefox Version3.0

Mozilla ≫ Firefox Version3.0.1

Mozilla ≫ Firefox Version3.0.2

Mozilla ≫ Firefox Version3.0.3

Mozilla ≫ Firefox Version3.0.4

Mozilla ≫ Firefox Version3.0.5

Mozilla ≫ Firefox Version3.0.6

Mozilla ≫ Firefox Version3.0.7

Mozilla ≫ Firefox Version3.0.8

Mozilla ≫ Firefox Version3.0.9

Mozilla ≫ Firefox Version3.0.10

Mozilla ≫ Firefox Version3.0.11

Mozilla ≫ Firefox Version3.0.12

Mozilla ≫ Firefox Version3.0.13

Mozilla ≫ Firefox Version3.0.14

Mozilla ≫ Firefox Version3.0.15

Mozilla ≫ Firefox Version3.0.16

Mozilla ≫ Firefox Version3.0.17

Mozilla ≫ Firefox Version3.5

Mozilla ≫ Firefox Version3.5.1

Mozilla ≫ Firefox Version3.5.2

Mozilla ≫ Firefox Version3.5.3

Mozilla ≫ Firefox Version3.5.4

Mozilla ≫ Firefox Version3.5.5

Mozilla ≫ Firefox Version3.5.6

Mozilla ≫ Firefox Version3.5.7

Mozilla ≫ Firefox Version3.5.8

Mozilla ≫ Firefox Version3.5.9

Mozilla ≫ Firefox Version3.5.10

Mozilla ≫ Firefox Version3.5.11

Mozilla ≫ Firefox Version3.5.12

Mozilla ≫ Firefox Version3.5.13

Mozilla ≫ Firefox Version3.5.14

Mozilla ≫ Firefox Version3.5.15

Mozilla ≫ Firefox Version3.5.16

Mozilla ≫ Firefox Version3.5.17

Mozilla ≫ Firefox Version3.5.18

Mozilla ≫ Firefox Version3.5.19

Mozilla ≫ Firefox Version3.6

Mozilla ≫ Firefox Version3.6.2

Mozilla ≫ Firefox Version3.6.3

Mozilla ≫ Firefox Version3.6.4

Mozilla ≫ Firefox Version3.6.6

Mozilla ≫ Firefox Version3.6.7

Mozilla ≫ Firefox Version3.6.8

Mozilla ≫ Firefox Version3.6.9

Mozilla ≫ Firefox Version3.6.10

Mozilla ≫ Firefox Version3.6.11

Mozilla ≫ Firefox Version3.6.12

Mozilla ≫ Firefox Version3.6.13

Mozilla ≫ Firefox Version3.6.14

Mozilla ≫ Firefox Version3.6.15

Mozilla ≫ Firefox Version3.6.16

Mozilla ≫ Firefox Version3.6.17

Mozilla ≫ Firefox Version3.6.18

Mozilla ≫ Seamonkey Version2.0

Mozilla ≫ Seamonkey Version2.0 Updatealpha_1

Mozilla ≫ Seamonkey Version2.0 Updatealpha_2

Mozilla ≫ Seamonkey Version2.0 Updatealpha_3

Mozilla ≫ Seamonkey Version2.0 Updatebeta_1

Mozilla ≫ Seamonkey Version2.0 Updatebeta_2

Mozilla ≫ Seamonkey Version2.0 Updaterc1

Mozilla ≫ Seamonkey Version2.0 Updaterc2

Mozilla ≫ Seamonkey Version2.0.1

Mozilla ≫ Seamonkey Version2.0.2

Mozilla ≫ Seamonkey Version2.0.3

Mozilla ≫ Seamonkey Version2.0.4

Mozilla ≫ Seamonkey Version2.0.5

Mozilla ≫ Seamonkey Version2.0.6

Mozilla ≫ Seamonkey Version2.0.7

Mozilla ≫ Seamonkey Version2.0.8

Mozilla ≫ Seamonkey Version2.0.9

Mozilla ≫ Seamonkey Version2.0.10

Mozilla ≫ Seamonkey Version2.0.11

Mozilla ≫ Seamonkey Version2.0.12

Mozilla ≫ Seamonkey Version2.0.13

Mozilla ≫ Seamonkey Version2.0.14

Mozilla ≫ Seamonkey Version2.1 Updatealpha1

Mozilla ≫ Seamonkey Version2.1 Updatealpha2

Mozilla ≫ Seamonkey Version2.1 Updatealpha3

Mozilla ≫ Thunderbird Version3.0

Mozilla ≫ Thunderbird Version3.0.1

Mozilla ≫ Thunderbird Version3.0.2

Mozilla ≫ Thunderbird Version3.0.3

Mozilla ≫ Thunderbird Version3.0.4

Mozilla ≫ Thunderbird Version3.0.5

Mozilla ≫ Thunderbird Version3.0.6

Mozilla ≫ Thunderbird Version3.0.7

Mozilla ≫ Thunderbird Version3.0.8

Mozilla ≫ Thunderbird Version3.0.9

Mozilla ≫ Thunderbird Version3.0.10

Mozilla ≫ Thunderbird Version3.0.11

Mozilla ≫ Thunderbird Version3.1

Mozilla ≫ Thunderbird Version3.1.1

Mozilla ≫ Thunderbird Version3.1.2

Mozilla ≫ Thunderbird Version3.1.3

Mozilla ≫ Thunderbird Version3.1.4

Mozilla ≫ Thunderbird Version3.1.5

Mozilla ≫ Thunderbird Version3.1.6

Mozilla ≫ Thunderbird Version3.1.7

Mozilla ≫ Thunderbird Version3.1.8

Mozilla ≫ Thunderbird Version3.1.9

Mozilla ≫ Thunderbird Version3.1.10

Mozilla ≫ Thunderbird Version3.1.11

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.28%	0.777

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html

http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00027.html

http://www.debian.org/security/2011/dsa-2295

http://www.debian.org/security/2011/dsa-2296

http://www.debian.org/security/2011/dsa-2297

http://www.mandriva.com/security/advisories?name=MDVSA-2011:127

http://www.mozilla.org/security/announce/2011/mfsa2011-30.html

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2011-1164.html

Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=614151

https://bugzilla.mozilla.org/show_bug.cgi?id=643450

https://bugzilla.mozilla.org/show_bug.cgi?id=650252

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14512

https://nvd.nist.gov/vuln/detail/CVE-2011-2981

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-2981

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-2981

EUVD