CVE-2011-3003
Gentoo Linux Security Advisory 201301-01
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation.
Mozilla Firefox anteriores a v7.0 y SeaMonkey anteriores a v2.4 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente ejecutar código arbitrario a través de un caso de text WebGL sin especificar que provoca un error de reserva de memoria y una operación de escritura fuera del límite.
Security issues were identified and fixed in Mozilla Firefox and Thunderbird. Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site. Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-08-01 CVE Reserved
- 2011-09-29 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14054 | Signature |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.mandriva.com/security/advisories?name=MDVSA-2011:141 | 2018-11-29 | |
http://www.mozilla.org/security/announce/2011/mfsa2011-41.html | 2018-11-29 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=682335 | 2018-11-29 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | < 7.0 Search vendor "Mozilla" for product "Firefox" and version " < 7.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | < 2.4 Search vendor "Mozilla" for product "Seamonkey" and version " < 2.4" | - |
Affected
|