CVE-2011-0062

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

http://downloads.avaya.com/css/P8/documents/100133195

http://www.mandriva.com/security/advisories?name=MDVSA-2011:041

http://www.mandriva.com/security/advisories?name=MDVSA-2011:042

http://www.mozilla.org/security/announce/2011/mfsa2011-01.html

http://www.securityfocus.com/bid/46647

https://bugzilla.mozilla.org/show_bug.cgi?id=569384

https://bugzilla.mozilla.org/show_bug.cgi?id=599610

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14409

Details

Source: MITRE

Published: 2011-03-02

Updated: 2017-09-19

Risk Information

CVSS v2

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.13:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:mozilla:thunderbird:3.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:3.1.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:3.1.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:3.1.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:3.1.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:3.1.7:*:*:*:*:*:*:*

Tenable Plugins

View all (43 total)

IDNameProductFamilySeverity
76017openSUSE Security Update : seamonkey (seamonkey-4113)NessusSuSE Local Security Checks
critical
75963openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4149)NessusSuSE Local Security Checks
critical
75954openSUSE Security Update : mozilla-js192 (mozilla-js192-4105)NessusSuSE Local Security Checks
critical
75736openSUSE Security Update : seamonkey (seamonkey-4074)NessusSuSE Local Security Checks
critical
75673openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-4073)NessusSuSE Local Security Checks
critical
75663openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4070)NessusSuSE Local Security Checks
critical
75650openSUSE Security Update : MozillaFirefox (MozillaFirefox-4111)NessusSuSE Local Security Checks
critical
68234Oracle Linux 4 / 6 : thunderbird (ELSA-2011-0374)NessusOracle Linux Local Security Checks
critical
68214Oracle Linux 6 : thunderbird (ELSA-2011-0311)NessusOracle Linux Local Security Checks
critical
68213Oracle Linux 4 / 5 / 6 : firefox (ELSA-2011-0310)NessusOracle Linux Local Security Checks
critical
63402GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)NessusGentoo Local Security Checks
critical
60976Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64NessusScientific Linux Local Security Checks
critical
60966Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
critical
57147SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7421)NessusSuSE Local Security Checks
critical
55083Ubuntu 9.10 : Multiple Xulrunner 1.9.1 vulnerabilities (USN-1123-1)NessusUbuntu Local Security Checks
critical
53798openSUSE Security Update : seamonkey (seamonkey-4074)NessusSuSE Local Security Checks
critical
53777openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-4073)NessusSuSE Local Security Checks
critical
53774openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4070)NessusSuSE Local Security Checks
critical
53770openSUSE Security Update : MozillaFirefox (MozillaFirefox-4111)NessusSuSE Local Security Checks
critical
52944CentOS 4 : thunderbird (CESA-2011:0374)NessusCentOS Local Security Checks
critical
52762RHEL 4 / 5 / 6 : thunderbird (RHSA-2011:0374)NessusRed Hat Local Security Checks
critical
52736SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7371)NessusSuSE Local Security Checks
critical
52652SuSE 10 Security Update : mozilla-xulrunner191 (ZYPP Patch Number 7363)NessusSuSE Local Security Checks
critical
52651SuSE 11.1 Security Update : mozilla-xulrunner191 (SAT Patch Number 4085)NessusSuSE Local Security Checks
critical
52650SuSE 11.1 Security Update : Mozillla Firefox (SAT Patch Number 4104)NessusSuSE Local Security Checks
critical
52579Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : firefox, firefox-{3.0,3.5}, xulrunner-1.9.2 regression (USN-1049-2)NessusUbuntu Local Security Checks
critical
52577Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2011:042)NessusMandriva Local Security Checks
critical
801270Mozilla Firefox 3.6.x < 3.6.14 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
801265Mozilla SeaMonkey 2.0.x < 2.0.12 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
801234Mozilla Thunderbird 3.1.x < 3.1.8 Multiple VulnerabilitiesLog Correlation EngineSMTP Clients
high
5811SeaMonkey 2.0.x < 2.0.12 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
5810Mozilla Thunderbird 3.1.x < 3.1.8 Multiple VulnerabilitiesNessus Network MonitorSMTP Clients
high
5808Mozilla Firefox 3.6.x < 3.6.14 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
52564Mandriva Linux Security Advisory : firefox (MDVSA-2011:041)NessusMandriva Local Security Checks
critical
52533SeaMonkey < 2.0.12 Multiple VulnerabilitiesNessusWindows
high
52532Mozilla Thunderbird 3.1 < 3.1.8 Multiple VulnerabilitiesNessusWindows
high
52531Firefox 3.6 < 3.6.14 Multiple VulnerabilitiesNessusWindows
high
52527Ubuntu 10.04 LTS / 10.10 : thunderbird vulnerabilities (USN-1050-1)NessusUbuntu Local Security Checks
critical
52526Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : firefox, firefox-{3.0,3.5}, xulrunner-1.9.2 vulnerabilities (USN-1049-1)NessusUbuntu Local Security Checks
critical
52507CentOS 4 : firefox (CESA-2011:0310)NessusCentOS Local Security Checks
critical
52495RHEL 6 : thunderbird (RHSA-2011:0311)NessusRed Hat Local Security Checks
critical
52494RHEL 4 / 5 / 6 : firefox (RHSA-2011:0310)NessusRed Hat Local Security Checks
critical
52486FreeBSD : mozilla -- multiple vulnerabilities (45f102cd-4456-11e0-9580-4061862b8c22)NessusFreeBSD Local Security Checks
critical