Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2011-2986

Опубликовано: 18 авг. 2011
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5

Описание

Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.

РелизСтатусПримечание
devel

not-affected

7.0~b1+build1+nobinonly-0ubuntu1
hardy

ignored

end of life
lucid

ignored

maverick

ignored

natty

released

6.0+build1+nobinonly-0ubuntu0.11.04.1
upstream

released

3.6.20, 6.0

Показывать по

РелизСтатусПримечание
devel

ignored

hardy

ignored

end of life
lucid

ignored

maverick

ignored

natty

ignored

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

released

6.0~b3+build1+nobinonly-0ubuntu2
hardy

ignored

end of life
lucid

ignored

maverick

ignored

natty

ignored

upstream

released

3.1.12

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

ignored

end of life
lucid

ignored

maverick

ignored

natty

ignored

upstream

released

1.9.2.20

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

DNE

maverick

DNE

natty

ignored

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 59%
0.00379
Низкий

5 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2011-2986

nvd
больше 14 лет назад

Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.

debian логотип

CVE-2011-2986

debian
больше 14 лет назад

Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x bef ...

github логотип

GHSA-w28f-6ggv-2vjv

github
больше 3 лет назад

Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.

EPSS

Процентиль: 59%
0.00379
Низкий

5 Medium

CVSS2