CVE-2011-0051

Опубликовано: 01 мар. 2011

Источник: redhat

CVSS2: 6.8

Описание

Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux Extended Update Support 4.8	firefox	Affected
Red Hat Enterprise Linux Extended Update Support 4.8	seamonkey	Affected
Red Hat Enterprise Linux Extended Update Support 4.8	thunderbird	Affected
Red Hat Enterprise Linux Extended Update Support 5.6	firefox	Affected
Red Hat Enterprise Linux Extended Update Support 5.6	thunderbird	Affected
Red Hat Enterprise Linux Extended Update Support 6.0	firefox	Affected
Red Hat Enterprise Linux 4	firefox	Fixed	RHSA-2011:0310	02.03.2011
Red Hat Enterprise Linux 4	thunderbird	Fixed	RHSA-2011:0312	02.03.2011
Red Hat Enterprise Linux 4	seamonkey	Fixed	RHSA-2011:0313	02.03.2011
Red Hat Enterprise Linux 5	thunderbird	Fixed	RHSA-2011:0312	02.03.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical

https://bugzilla.redhat.com/show_bug.cgi?id=675087Mozilla recursive eval call causes confirm dialog to evaluate to true (MFSA 2011-02)

6.8 Medium

CVSS2

Связанные уязвимости

CVE-2011-0051

ubuntu

почти 15 лет назад

CVE-2011-0051

nvd

почти 15 лет назад

CVE-2011-0051

debian

почти 15 лет назад

Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey b ...

GHSA-5mc6-qvmv-p3f9

github

больше 3 лет назад

ELSA-2011-0310

oracle-oval

почти 15 лет назад

ELSA-2011-0310: firefox security and bug fix update (CRITICAL)

6.8 Medium

CVSS2