Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-2984

Опубликовано: 16 авг. 2011
Источник: redhat
CVSS2: 5.1

Описание

Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux Extended Update Support 5.7firefoxAffected
Red Hat Enterprise Linux Extended Update Support 6.1firefoxAffected
Red Hat Enterprise Linux Extended Update Support 6.1thunderbirdAffected
Red Hat Enterprise Linux 4firefoxFixedRHSA-2011:116416.08.2011
Red Hat Enterprise Linux 5firefoxFixedRHSA-2011:116416.08.2011
Red Hat Enterprise Linux 5xulrunnerFixedRHSA-2011:116416.08.2011
Red Hat Enterprise Linux 6firefoxFixedRHSA-2011:116416.08.2011
Red Hat Enterprise Linux 6xulrunnerFixedRHSA-2011:116416.08.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=730522Mozilla: Privilege escalation dropping a tab element in content area

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-2984

ubuntu
больше 14 лет назад

Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events.

nvd логотип

CVE-2011-2984

nvd
больше 14 лет назад

Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events.

debian логотип

CVE-2011-2984

debian
больше 14 лет назад

Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3 ...

github логотип

GHSA-m776-wvh3-f9x8

github
больше 3 лет назад

Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events.

oracle-oval логотип

ELSA-2011-1164

oracle-oval
больше 14 лет назад

ELSA-2011-1164: firefox security update (CRITICAL)

5.1 Medium

CVSS2