Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-0084

Опубликовано: 16 авг. 2011
Источник: redhat
CVSS2: 6.8

Описание

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux Extended Update Support 5.7firefoxAffected
Red Hat Enterprise Linux Extended Update Support 6.1firefoxAffected
Red Hat Enterprise Linux Extended Update Support 6.1thunderbirdAffected
Red Hat Enterprise Linux 4firefoxFixedRHSA-2011:116416.08.2011
Red Hat Enterprise Linux 5firefoxFixedRHSA-2011:116416.08.2011
Red Hat Enterprise Linux 5xulrunnerFixedRHSA-2011:116416.08.2011
Red Hat Enterprise Linux 6firefoxFixedRHSA-2011:116416.08.2011
Red Hat Enterprise Linux 6xulrunnerFixedRHSA-2011:116416.08.2011
Red Hat Enterprise Linux 6thunderbirdFixedRHSA-2011:116616.08.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
https://bugzilla.redhat.com/show_bug.cgi?id=730519Mozilla: Crash in SVGTextElement.getCharNumAtPosition()

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-0084

ubuntu
больше 14 лет назад

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."

nvd логотип

CVE-2011-0084

nvd
больше 14 лет назад

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."

debian логотип

CVE-2011-0084

debian
больше 14 лет назад

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox be ...

github логотип

GHSA-ppw5-9xh7-rwjf

github
больше 3 лет назад

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."

oracle-oval логотип

ELSA-2011-1166

oracle-oval
больше 14 лет назад

ELSA-2011-1166: thunderbird security update (CRITICAL)

6.8 Medium

CVSS2