CVE-2011-2995

Firefox < 3.6.23 and 4.x-6 - Remote Code Execution

Title source: llm
STIX 2.1

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References (16)

Core 16
Core References
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:139
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=660453
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13957
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2312
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/46315
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2011-1341.html
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=665360
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:141
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:142
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2011-10/msg00002.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2317
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=662215
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:140
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=655098
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2313

Scores

EPSS 0.0437
EPSS Percentile 90.2%

Details

Status published
Products (33)
mozilla/firefox 3.6
mozilla/firefox 3.6.2
mozilla/firefox 3.6.3
mozilla/firefox 3.6.4
mozilla/firefox 3.6.6
mozilla/firefox 3.6.7
mozilla/firefox 3.6.8
mozilla/firefox 3.6.9
mozilla/firefox 3.6.10
mozilla/firefox 3.6.11
... and 23 more
Published Sep 29, 2011
Tracked Since Feb 18, 2026