Описание
Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | thunderbird | Affected | ||
| Red Hat Enterprise Linux 4 | firefox | Fixed | RHSA-2011:0885 | 21.06.2011 |
| Red Hat Enterprise Linux 4 | thunderbird | Fixed | RHSA-2011:0887 | 21.06.2011 |
| Red Hat Enterprise Linux 4 | seamonkey | Fixed | RHSA-2011:0888 | 21.06.2011 |
| Red Hat Enterprise Linux 5 | firefox | Fixed | RHSA-2011:0885 | 21.06.2011 |
| Red Hat Enterprise Linux 5 | xulrunner | Fixed | RHSA-2011:0885 | 21.06.2011 |
| Red Hat Enterprise Linux 5 | thunderbird | Fixed | RHSA-2011:0887 | 21.06.2011 |
| Red Hat Enterprise Linux 6 | firefox | Fixed | RHSA-2011:0885 | 21.06.2011 |
| Red Hat Enterprise Linux 6 | xulrunner | Fixed | RHSA-2011:0885 | 21.06.2011 |
Показывать по
Дополнительная информация
Статус:
6.8 Medium
CVSS2
Связанные уязвимости
Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.
Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.
Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x ...
Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.
ELSA-2011-0885: firefox security and bug fix update (CRITICAL)
6.8 Medium
CVSS2