Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2011-2983

Опубликовано: 18 авг. 2011
Источник: debian

Описание

Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
icedovefixed3.1.12-1package
icedoveend-of-lifelennypackage
xulrunnerremovedpackage
xulrunnerfixed1.9.0.19-13lennypackage
iceweaselfixed6.0-1package
iceweaselnot-affectedlennypackage
iceapefixed2.0.14-5package
iceapenot-affectedlennypackage

Примечания

  • xulrunner in wheezy is not covered by security support

Связанные уязвимости

ubuntu логотип

CVE-2011-2983

ubuntu
почти 14 лет назад

Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free.

redhat логотип

CVE-2011-2983

redhat
почти 14 лет назад

Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free.

nvd логотип

CVE-2011-2983

nvd
почти 14 лет назад

Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free.

github логотип

GHSA-wmwp-4vqm-9jhc

github
около 3 лет назад

Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free.

oracle-oval логотип

ELSA-2011-1164

oracle-oval
почти 14 лет назад

ELSA-2011-1164: firefox security update (CRITICAL)