CVSS: 6.8EPSS: 1%CPEs: 204EXPL: 0CVE-2011-2999 – Mozilla: XSS via plugins and shadowed window.location object (MFSA 2011-38)
https://notcve.org/view.php?id=CVE-2011-2999
Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170. Mozilla Firefox anteriores a v3.6.23 y v4.x hasta v5,Thunderbird anteriores a v6.0 y SeaMonkey anteriores a v2.3 no gestionan adecuadamente "Location" como el nombre de un marco, que permite a atacantes remotos evitar la "Same Origin Policy" a través de un sitio web manipulado, vulnerabilidad diferente a CVE-2010-0170. • http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00020.html http://lists.opensuse.org/opensuse-updates/2011-10/msg00002.html http://secunia.com/advisories/46315 http://www.debian.org/security/2011/dsa-2312 http://www.debian.org/security/2011/dsa-2313 http://www.debian.org/security/2011/dsa-2317 http://www.mandriva.com/security/advisories?name=MDVSA-2011:139 http://www.mandriva.com/security/advisories?name=MDVSA-2011:140 http://www.mandriva.com/security/advisories? • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 20%CPEs: 207EXPL: 0CVE-2011-3000 – Mozilla: Defense against multiple Location headers due to CRLF Injection (MFSA 2011-39)
https://notcve.org/view.php?id=CVE-2011-3000
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values. Mozilla Firefox anterior a v3.6.23 y v4.x hasta v6, Thunderbird anteriores a v7.0, y SeaMonkey anteriores a v2.4 no gestionan adecuadamente las respuestas HTTP que contienen cabeceras multiple Location, Content-Length, or Content-Disposition, lo que hace más fácil para los atacantes remotos para realizar ataques de división de respuesta HTTP a través de valores de la cabecera manipuladas. • http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00020.html http://lists.opensuse.org/opensuse-updates/2011-10/msg00002.html http://secunia.com/advisories/46315 http://www.debian.org/security/2011/dsa-2312 http://www.debian.org/security/2011/dsa-2313 http://www.debian.org/security/2011/dsa-2317 http://www.mandriva.com/security/advisories?name=MDVSA-2011:139 http://www.mandriva.com/security/advisories?name=MDVSA-2011:140 http://www.mandriva.com/security/advisories? • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.2EPSS: 1%CPEs: 134EXPL: 0CVE-2011-2980
https://notcve.org/view.php?id=CVE-2011-2980
Untrusted search path vulnerability in the ThinkPadSensor::Startup function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, allows local users to gain privileges by leveraging write access in an unspecified directory to place a Trojan horse DLL that is loaded into the running Firefox process. Una vulnerabilidad de ruta (path) de búsqueda no confiable en la función ThinkPadSensor::Startup en Firefox anterior a versión 3.6.20, Thunderbird versiones 3.x anteriores a 3.1.12 de Mozilla, permite a los usuarios locales alcanzar privilegios mediante el aprovechamiento del acceso de escritura en un directorio no especificado para colocar un archivo DLL de tipo caballo de Troya que se carga en el proceso de Firefox en ejecución. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00027.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:127 http://www.mozilla.org/security/announce/2011/mfsa2011-30.html https://bugzilla.mozilla.org/show_bug.cgi?id=642469 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14436 •
CVSS: 6.8EPSS: 0%CPEs: 271EXPL: 0CVE-2011-2983 – Mozilla: Private data leakage using RegExp.input
https://notcve.org/view.php?id=CVE-2011-2983
Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free. Firefox anterior a versión 3.6.20, Thunderbird versiones 2.x y versiones 3.x anteriores a 3.1.12, SeaMonkey versiones 1.x y 2.x, y posiblemente otros productos de Mozilla, no manejan apropiadamente la propiedad RegExp.input, lo que permite a los atacantes remotos omitir la Política del Mismo Origen y leer datos de un dominio diferente por medio de un sitio web diseñado, posiblemente relacionado con un uso de memoria previamente liberada. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00027.html http://www.debian.org/security/2011/dsa-2295 http://www.debian.org/security/2011/dsa-2296 http://www.debian.org/security/2011/dsa-2297 http://www.mandriva.com/security/advisories?name=MDVSA-2011:127 http://www.mozilla.org/security/announce/2011/mfsa2011-30.html http://www.redhat.com/support/errata/RHSA-2011-1164.html http://ww • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 1%CPEs: 159EXPL: 0CVE-2011-2981 – Mozilla: Privilege escalation using event handlers
https://notcve.org/view.php?id=CVE-2011-2981
The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site. La implementación de gestión de eventos en Firefox anterior a versión 3.6.20, SeaMonkey versiones 2.x, Thunderbird versiones 3.x anteriores a 3.1.12, y posiblemente otros productos de Mozilla, no selecciona apropiadamente el contexto para que se ejecute el script, lo que permite a los atacantes remotos omitir la Política del Mismo Origen o ejecutar código JavaScript arbitrario con privilegios de chrome por medio de un sitio web diseñado. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00027.html http://www.debian.org/security/2011/dsa-2295 http://www.debian.org/security/2011/dsa-2296 http://www.debian.org/security/2011/dsa-2297 http://www.mandriva.com/security/advisories?name=MDVSA-2011:127 http://www.mozilla.org/security/announce/2011/mfsa2011-30.html http://www.redhat.com/support/errata/RHSA-2011-1164.html https://b • CWE-16: Configuration •