CVE-2011-0059

Severity

Theme

CVE-2011-0059

medium

New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site.

ID	Name	Product	Family	Severity
76017	openSUSE Security Update : seamonkey (seamonkey-4113)	Nessus	SuSE Local Security Checks	critical
75963	openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4149)	Nessus	SuSE Local Security Checks	critical
75954	openSUSE Security Update : mozilla-js192 (mozilla-js192-4105)	Nessus	SuSE Local Security Checks	critical
75736	openSUSE Security Update : seamonkey (seamonkey-4074)	Nessus	SuSE Local Security Checks	critical
75673	openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-4073)	Nessus	SuSE Local Security Checks	critical
75663	openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4070)	Nessus	SuSE Local Security Checks	critical
75650	openSUSE Security Update : MozillaFirefox (MozillaFirefox-4111)	Nessus	SuSE Local Security Checks	critical
68216	Oracle Linux 4 : seamonkey (ELSA-2011-0313)	Nessus	Oracle Linux Local Security Checks	critical
68213	Oracle Linux 4 / 5 / 6 : firefox (ELSA-2011-0310)	Nessus	Oracle Linux Local Security Checks	critical
63402	GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)	Nessus	Gentoo Local Security Checks	critical
60974	Scientific Linux Security Update : seamonkey on SL4.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
60966	Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
57147	SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7421)	Nessus	SuSE Local Security Checks	critical
55083	Ubuntu 9.10 : Multiple Xulrunner 1.9.1 vulnerabilities (USN-1123-1)	Nessus	Ubuntu Local Security Checks	critical
53798	openSUSE Security Update : seamonkey (seamonkey-4074)	Nessus	SuSE Local Security Checks	critical
53777	openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-4073)	Nessus	SuSE Local Security Checks	critical
53774	openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4070)	Nessus	SuSE Local Security Checks	critical
53770	openSUSE Security Update : MozillaFirefox (MozillaFirefox-4111)	Nessus	SuSE Local Security Checks	critical
52736	SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7371)	Nessus	SuSE Local Security Checks	critical
52652	SuSE 10 Security Update : mozilla-xulrunner191 (ZYPP Patch Number 7363)	Nessus	SuSE Local Security Checks	critical
52651	SuSE 11.1 Security Update : mozilla-xulrunner191 (SAT Patch Number 4085)	Nessus	SuSE Local Security Checks	critical
52650	SuSE 11.1 Security Update : Mozillla Firefox (SAT Patch Number 4104)	Nessus	SuSE Local Security Checks	critical
52619	Debian DSA-2187-1 : icedove - several vulnerabilities	Nessus	Debian Local Security Checks	critical
52618	Debian DSA-2186-1 : iceweasel - several vulnerabilities	Nessus	Debian Local Security Checks	critical
52579	Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : firefox, firefox-{3.0,3.5}, xulrunner-1.9.2 regression (USN-1049-2)	Nessus	Ubuntu Local Security Checks	critical
801374	Mozilla Firefox 3.5.x < 3.5.17 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801270	Mozilla Firefox 3.6.x < 3.6.14 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801265	Mozilla SeaMonkey 2.0.x < 2.0.12 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
5811	SeaMonkey 2.0.x < 2.0.12 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
5809	Mozilla Firefox 3.5.x < 3.5.17 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
5808	Mozilla Firefox 3.6.x < 3.6.14 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
52564	Mandriva Linux Security Advisory : firefox (MDVSA-2011:041)	Nessus	Mandriva Local Security Checks	critical
52537	Debian DSA-2180-1 : iceape - several vulnerabilities	Nessus	Debian Local Security Checks	critical
52533	SeaMonkey < 2.0.12 Multiple Vulnerabilities	Nessus	Windows	high
52531	Firefox 3.6 < 3.6.14 Multiple Vulnerabilities	Nessus	Windows	high
52530	Firefox 3.5 < 3.5.17 Multiple Vulnerabilities	Nessus	Windows	high
52526	Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : firefox, firefox-{3.0,3.5}, xulrunner-1.9.2 vulnerabilities (USN-1049-1)	Nessus	Ubuntu Local Security Checks	critical
52509	CentOS 4 : seamonkey (CESA-2011:0313)	Nessus	CentOS Local Security Checks	critical
52507	CentOS 4 : firefox (CESA-2011:0310)	Nessus	CentOS Local Security Checks	critical
52497	RHEL 4 : seamonkey (RHSA-2011:0313)	Nessus	Red Hat Local Security Checks	critical
52494	RHEL 4 / 5 / 6 : firefox (RHSA-2011:0310)	Nessus	Red Hat Local Security Checks	critical
52486	FreeBSD : mozilla -- multiple vulnerabilities (45f102cd-4456-11e0-9580-4061862b8c22)	Nessus	FreeBSD Local Security Checks	critical

CVE-2011-0059

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

high

high

high

high

high

high

critical

critical

high

high

high

critical

critical

critical

critical

critical

critical