CVE-2011-3001
https://notcve.org/view.php?id=CVE-2011-3001
Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error. Mozilla Firefox v4.x hasta v6, Thunderbird anterior a v7.0 y SeaMonkey anterior a v2.4 no impiden instalación manual de complementos (add-on) en respuesta a la presión de la tecla Enter, lo que permite a atacantes remotos asistidos por el usuario pasar por alto las restricciones de acceso a través de una web manipulada que provoca un error interno no especificado. • http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00020.html http://lists.opensuse.org/opensuse-updates/2011-10/msg00002.html http://secunia.com/advisories/46315 http://www.mandriva.com/security/advisories?name=MDVSA-2011:139 http://www.mandriva.com/security/advisories?name=MDVSA-2011:140 http://www.mandriva.com/security/advisories?name=MDVSA-2011:141 http://www.mandriva.com/security/advisories?name=MDVSA-2011:142 http://www.mozilla.org/security/announce/2011/mfsa2011-40.html h • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-2999 – Mozilla: XSS via plugins and shadowed window.location object (MFSA 2011-38)
https://notcve.org/view.php?id=CVE-2011-2999
Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170. Mozilla Firefox anteriores a v3.6.23 y v4.x hasta v5,Thunderbird anteriores a v6.0 y SeaMonkey anteriores a v2.3 no gestionan adecuadamente "Location" como el nombre de un marco, que permite a atacantes remotos evitar la "Same Origin Policy" a través de un sitio web manipulado, vulnerabilidad diferente a CVE-2010-0170. • http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00020.html http://lists.opensuse.org/opensuse-updates/2011-10/msg00002.html http://secunia.com/advisories/46315 http://www.debian.org/security/2011/dsa-2312 http://www.debian.org/security/2011/dsa-2313 http://www.debian.org/security/2011/dsa-2317 http://www.mandriva.com/security/advisories?name=MDVSA-2011:139 http://www.mandriva.com/security/advisories?name=MDVSA-2011:140 http://www.mandriva.com/security/advisories? • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-3000 – Mozilla: Defense against multiple Location headers due to CRLF Injection (MFSA 2011-39)
https://notcve.org/view.php?id=CVE-2011-3000
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values. Mozilla Firefox anterior a v3.6.23 y v4.x hasta v6, Thunderbird anteriores a v7.0, y SeaMonkey anteriores a v2.4 no gestionan adecuadamente las respuestas HTTP que contienen cabeceras multiple Location, Content-Length, or Content-Disposition, lo que hace más fácil para los atacantes remotos para realizar ataques de división de respuesta HTTP a través de valores de la cabecera manipuladas. • http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00020.html http://lists.opensuse.org/opensuse-updates/2011-10/msg00002.html http://secunia.com/advisories/46315 http://www.debian.org/security/2011/dsa-2312 http://www.debian.org/security/2011/dsa-2313 http://www.debian.org/security/2011/dsa-2317 http://www.mandriva.com/security/advisories?name=MDVSA-2011:139 http://www.mandriva.com/security/advisories?name=MDVSA-2011:140 http://www.mandriva.com/security/advisories? • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2011-2986
https://notcve.org/view.php?id=CVE-2011-2986
Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. Firefox versiones 4.x hasta 5, Thunderbird anterior a versión 6, SeaMonkey versiones 2.x anteriores a 2.3, y posiblemente otros productos de Mozilla, cuando la API Direct2D (también se conoce como D2D) es usada en Windows, permite a los atacantes remotos omitir la Política del Mismo Origen y obtener datos de imagen confidenciales de un dominio diferente, mediante la inserción de estos datos en un canvas. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html http://secunia.com/advisories/49055 http://www.mozilla.org/security/announce/2011/mfsa2011-29.html http://www.mozilla.org/security/announce/2011/mfsa2011-31.html http://www.mozilla.org/security/announce/2011/mfsa2011-33.html https://bugzilla.mozilla.org/show_bug.cgi?id=655836 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14497 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2011-2980
https://notcve.org/view.php?id=CVE-2011-2980
Untrusted search path vulnerability in the ThinkPadSensor::Startup function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, allows local users to gain privileges by leveraging write access in an unspecified directory to place a Trojan horse DLL that is loaded into the running Firefox process. Una vulnerabilidad de ruta (path) de búsqueda no confiable en la función ThinkPadSensor::Startup en Firefox anterior a versión 3.6.20, Thunderbird versiones 3.x anteriores a 3.1.12 de Mozilla, permite a los usuarios locales alcanzar privilegios mediante el aprovechamiento del acceso de escritura en un directorio no especificado para colocar un archivo DLL de tipo caballo de Troya que se carga en el proceso de Firefox en ejecución. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00027.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:127 http://www.mozilla.org/security/announce/2011/mfsa2011-30.html https://bugzilla.mozilla.org/show_bug.cgi?id=642469 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14436 •