CVE-2011-0084

Severity

Theme

CVE-2011-0084

high

New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."

ID	Name	Product	Family	Severity
76020	openSUSE Security Update : seamonkey (openSUSE-SU-2011:0957-1)	Nessus	SuSE Local Security Checks	critical
75966	openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-5050)	Nessus	SuSE Local Security Checks	critical
75958	openSUSE Security Update : mozilla-js192 (mozilla-js192-5010)	Nessus	SuSE Local Security Checks	critical
75945	openSUSE Security Update : MozillaFirefox (openSUSE-SU-2011:0957-2)	Nessus	SuSE Local Security Checks	critical
75739	openSUSE Security Update : seamonkey (openSUSE-SU-2011:0957-1)	Nessus	SuSE Local Security Checks	critical
75666	openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2011:0935-2)	Nessus	SuSE Local Security Checks	critical
75654	openSUSE Security Update : MozillaFirefox (openSUSE-SU-2011:0958-1)	Nessus	SuSE Local Security Checks	critical
68328	Oracle Linux 6 : thunderbird (ELSA-2011-1166)	Nessus	Oracle Linux Local Security Checks	critical
68326	Oracle Linux 4 / 5 / 6 : firefox (ELSA-2011-1164)	Nessus	Oracle Linux Local Security Checks	critical
63402	GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)	Nessus	Gentoo Local Security Checks	critical
61115	Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
61112	Scientific Linux Security Update : firefox on SL4.x, SL5.x, SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
57150	SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7713)	Nessus	SuSE Local Security Checks	critical
56562	Ubuntu 11.04 : libvoikko regression (USN-1192-3)	Nessus	Ubuntu Local Security Checks	critical
56005	SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7712)	Nessus	SuSE Local Security Checks	critical
56003	SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 5057)	Nessus	SuSE Local Security Checks	critical
55982	Ubuntu 10.04 LTS / 10.10 / 11.04 : thunderbird vulnerabilities (USN-1185-1)	Nessus	Ubuntu Local Security Checks	critical
55942	Debian DSA-2297-1 : icedove - several vulnerabilities	Nessus	Debian Local Security Checks	critical
55921	Ubuntu 10.04 LTS / 10.10 : firefox, xulrunner-1.9.2 vulnerabilities (USN-1184-1)	Nessus	Ubuntu Local Security Checks	critical
801346	Mozilla Firefox 5.0 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801343	Mozilla Firefox 3.6 < 3.6.20 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801272	Mozilla SeaMonkey 2.x < 2.3.0 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801266	Mozilla Thunderbird 5 Multiple Vulnerabilities	Log Correlation Engine	SMTP Clients	high
801256	Mozilla Thunderbird 3.1 < 3.1.12 Multiple Vulnerabilities	Log Correlation Engine	SMTP Clients	high
6012	SeaMonkey 2.x < 2.3.0 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
6011	Mozilla Thunderbird 3.1.x < 3.1.12 Multiple Vulnerabilities	Nessus Network Monitor	SMTP Clients	high
6010	Mozilla Thunderbird < 6.0 Multiple Vulnerabilities	Nessus Network Monitor	SMTP Clients	high
6009	Mozilla Firefox 3.6.x < 3.6.20 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
6008	Mozilla Firefox < 6.0 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
55902	Firefox < 6.0 Multiple Vulnerabilities	Nessus	Windows	high
55901	Firefox 3.6 < 3.6.20 Multiple Vulnerabilities	Nessus	Windows	high
55899	Ubuntu 11.04 : mozvoikko update (USN-1192-2)	Nessus	Ubuntu Local Security Checks	critical
55898	Ubuntu 11.04 : firefox vulnerabilities (USN-1192-1)	Nessus	Ubuntu Local Security Checks	critical
55894	Mandriva Linux Security Advisory : mozilla (MDVSA-2011:127)	Nessus	Mandriva Local Security Checks	critical
55889	Debian DSA-2296-1 : iceweasel - several vulnerabilities	Nessus	Debian Local Security Checks	critical
55888	Debian DSA-2295-1 : iceape - several vulnerabilities	Nessus	Debian Local Security Checks	critical
55887	Mozilla Thunderbird < 6.0 Multiple Vulnerabilities	Nessus	Windows	critical
55886	Mozilla Thunderbird 3.1 < 3.1.12 Multiple Vulnerabilities	Nessus	Windows	critical
55885	SeaMonkey < 2.3.0 Multiple Vulnerabilities	Nessus	Windows	high
55881	RHEL 6 : thunderbird (RHSA-2011:1166)	Nessus	Red Hat Local Security Checks	critical
55879	RHEL 4 / 5 / 6 : firefox (RHSA-2011:1164)	Nessus	Red Hat Local Security Checks	critical
55878	FreeBSD : mozilla -- multiple vulnerabilities (834591a9-c82f-11e0-897d-6c626dd55a41)	Nessus	FreeBSD Local Security Checks	critical
55862	CentOS 4 / 5 : firefox / xulrunner (CESA-2011:1164)	Nessus	CentOS Local Security Checks	critical

CVE-2011-0084

high

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Tenable Plugins

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

high

high

high

high

high

high

high

high

high

high

high

high

critical

critical

critical

critical

critical

critical

critical

high

critical

critical

critical

critical