CVE-2011-2992

Firefox 4.x-5 and SeaMonkey < 2.3 - Memory Corruption via Ogg Reader

Title source: llm
STIX 2.1

Description

The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

References (7)

Core 7
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/49055
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=672789
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14209

Scores

EPSS 0.0359
EPSS Percentile 88.1%

Details

CWE
CWE-119
Status published
Products (29)
mozilla/firefox 4.0 (13 CPE variants)
mozilla/firefox 4.0.1
mozilla/firefox 5.0
mozilla/seamonkey 2.0 (8 CPE variants)
mozilla/seamonkey 2.0.1
mozilla/seamonkey 2.0.2
mozilla/seamonkey 2.0.3
mozilla/seamonkey 2.0.4
mozilla/seamonkey 2.0.5
mozilla/seamonkey 2.0.6
... and 19 more
Published Aug 18, 2011
Tracked Since Feb 18, 2026