CVE-2011-0074

Firefox 3.5.x-3.5.18 and 3.6.x-3.6.16 - Remote Code Execution or Denial of Service

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078.

References (12)

Core 12
Core References
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2228
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:079
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14317
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2235
Various Sources x_refsource_confirm
http://downloads.avaya.com/css/P8/documents/100134543
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/47646
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:080
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2227
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=619021
Various Sources x_refsource_confirm
http://downloads.avaya.com/css/P8/documents/100144158

Scores

EPSS 0.0526
EPSS Percentile 91.6%

Details

Status published
Products (46)
mozilla/firefox 3.6
mozilla/firefox 3.6.2
mozilla/firefox 3.6.3
mozilla/firefox 3.6.4
mozilla/firefox 3.6.6
mozilla/firefox 3.6.7
mozilla/firefox 3.6.8
mozilla/firefox 3.6.9
mozilla/firefox 3.6.10
mozilla/firefox 3.6.11
... and 36 more
Published May 07, 2011
Tracked Since Feb 18, 2026