Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2011-2362

Published: 30/06/2011 Updated: 19/09/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Mozilla

Vulnerability Summary

Mozilla Firefox prior to 3.6.18, Thunderbird prior to 3.1.11, and SeaMonkey up to and including 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla seamonkey 1.0

mozilla seamonkey 1.0.1

mozilla seamonkey 1.0.9

mozilla seamonkey 1.1

mozilla seamonkey 1.1.13

mozilla seamonkey 1.1.14

mozilla seamonkey 1.1.3

mozilla seamonkey 1.1.4

mozilla seamonkey 1.1.5

mozilla seamonkey 1.5.0.10

mozilla seamonkey 1.5.0.8

mozilla seamonkey 1.0.2

mozilla seamonkey 1.0.3

mozilla seamonkey 1.0.4

mozilla seamonkey 1.1.1

mozilla seamonkey 1.1.10

mozilla seamonkey 1.1.15

mozilla seamonkey 1.1.16

mozilla seamonkey 1.1.6

mozilla seamonkey 1.1.7

mozilla seamonkey 1.5.0.9

mozilla seamonkey 2.0

mozilla seamonkey 2.0.9

mozilla seamonkey 1.0.7

mozilla seamonkey 1.0.8

mozilla seamonkey 1.1.11

mozilla seamonkey 1.1.12

mozilla seamonkey 1.1.19

mozilla seamonkey 1.1.2

mozilla seamonkey 2.0.3

mozilla seamonkey 2.0.4

mozilla seamonkey 2.0.5

mozilla seamonkey 2.0.6

mozilla seamonkey 2.0.13

mozilla seamonkey 2.0.14

mozilla seamonkey 2.0.10

mozilla seamonkey 2.0.7

mozilla seamonkey 2.0.8

mozilla seamonkey 1.0.5

mozilla seamonkey 1.0.6

mozilla seamonkey 1.1.17

mozilla seamonkey 1.1.18

mozilla seamonkey 1.1.8

mozilla seamonkey 1.1.9

mozilla seamonkey 2.0.1

mozilla seamonkey 2.0.2

mozilla seamonkey 2.0.11

mozilla seamonkey 2.0.12

mozilla firefox 3.5.6

mozilla firefox 3.5.7

mozilla firefox 3.0.15

mozilla firefox 3.0.14

mozilla firefox 3.0.13

mozilla firefox 3.0.6

mozilla firefox 3.0.5

mozilla firefox 2.0.0.12

mozilla firefox 2.0.0.19

mozilla firefox 2.0.0.15

mozilla firefox 2.0.0.13

mozilla firefox 2.0.0.3

mozilla firefox 2.0.0.2

mozilla firefox 1.5.0.11

mozilla firefox 1.5.0.12

mozilla firefox 1.5.0.8

mozilla firefox 1.5.0.9

mozilla firefox 1.5.5

mozilla firefox 1.0.1

mozilla firefox 1.0.6

mozilla firefox 1.0.8

mozilla firefox 3.5.17

mozilla firefox 3.6.4

mozilla firefox 3.6.3

mozilla firefox 3.6.11

mozilla firefox 3.6.15

mozilla firefox 3.6.16

mozilla firefox

mozilla firefox 3.5.2

mozilla firefox 3.5.3

mozilla firefox 3.5.8

mozilla firefox 3.5

mozilla firefox 3.0.10

mozilla firefox 3.0.9

mozilla firefox 3.0.2

mozilla firefox 3.0.1

mozilla firefox 2.0.0.9

mozilla firefox 2.0.0.17

mozilla firefox 2.0.0.18

mozilla firefox 2.0.0.6

mozilla firefox 1.5.0.4

mozilla firefox 1.5.0.5

mozilla firefox 1.5.0.10

mozilla firefox 1.5.3

mozilla firefox 1.5.4

mozilla firefox 1.5

mozilla firefox 1.5.8

mozilla firefox 1.0.2

mozilla firefox 1.0.5

mozilla firefox 3.5.13

mozilla firefox 3.5.14

mozilla firefox 3.6.2

mozilla firefox 3.6.8

mozilla firefox 3.6.13

mozilla firefox 3.5.18

mozilla firefox 3.5.1

mozilla firefox 3.5.10

mozilla firefox 3.5.9

mozilla firefox 3.0.12

mozilla firefox 3.0.11

mozilla firefox 3.0.4

mozilla firefox 3.0.3

mozilla firefox 2.0.0.20

mozilla firefox 2.0.0.8

mozilla firefox 2.0.0.7

mozilla firefox 2.0

mozilla firefox 2.0.0.1

mozilla firefox 1.5.0.1

mozilla firefox 1.5.0.6

mozilla firefox 1.5.0.7

mozilla firefox 1.0

mozilla firefox 1.0.3

mozilla firefox 3.5.11

mozilla firefox 3.5.12

mozilla firefox 3.6

mozilla firefox 3.6.12

mozilla firefox 3.6.10

mozilla firefox 3.6.9

mozilla firefox 3.5.4

mozilla firefox 3.5.5

mozilla firefox 3.0.17

mozilla firefox 3.0.16

mozilla firefox 3.0.8

mozilla firefox 3.0.7

mozilla firefox 3.0

mozilla firefox 2.0.0.14

mozilla firefox 2.0.0.10

mozilla firefox 2.0.0.16

mozilla firefox 2.0.0.11

mozilla firefox 2.0.0.5

mozilla firefox 2.0.0.4

mozilla firefox 1.5.0.2

mozilla firefox 1.5.0.3

mozilla firefox 1.5.1

mozilla firefox 1.5.2

mozilla firefox 1.5.7

mozilla firefox 1.5.6

mozilla firefox 1.0.4

mozilla firefox 1.0.7

mozilla firefox 3.5.15

mozilla firefox 3.5.16

mozilla firefox 3.6.6

mozilla firefox 3.6.7

mozilla firefox 3.5.19

mozilla firefox 3.6.14

mozilla thunderbird 2.0.0.2

mozilla thunderbird 1.5.0.9

mozilla thunderbird 3.0.2

mozilla thunderbird 2.0.0.4

mozilla thunderbird 2.0.0.8

mozilla thunderbird 1.0.2

mozilla thunderbird 1.0.3

mozilla thunderbird 3.1.7

mozilla thunderbird 3.1.3

mozilla thunderbird 1.5.0.1

mozilla thunderbird 3.0.9

mozilla thunderbird 2.0.0.7

mozilla thunderbird 2.0

mozilla thunderbird 1.5.0.5

mozilla thunderbird 2.0.0.22

mozilla thunderbird 0.7.2

mozilla thunderbird 0.7.3

mozilla thunderbird 0.9

mozilla thunderbird 0.1

mozilla thunderbird 2.0.0.18

mozilla thunderbird 3.1.8

mozilla thunderbird 2.0.0.0

mozilla thunderbird 3.0

mozilla thunderbird 1.5.1

mozilla thunderbird 2.0.0.19

mozilla thunderbird 1.0.6

mozilla thunderbird 1.0.7

mozilla thunderbird 3.0.7

mozilla thunderbird 1.0.5

mozilla thunderbird 3.1.6

mozilla thunderbird 1.5.0.6

mozilla thunderbird 1.5.0.2

mozilla thunderbird 3.1.2

mozilla thunderbird 2.0.0.16

mozilla thunderbird 2.0.0.14

mozilla thunderbird 1.7.1

mozilla thunderbird 1.7.3

mozilla thunderbird 2.0.0.6

mozilla thunderbird 1.0

mozilla thunderbird 1.5

mozilla thunderbird 0.6

mozilla thunderbird 0.3

mozilla thunderbird 2.0.0.1

mozilla thunderbird 1.5.0.8

mozilla thunderbird 1.5.2

mozilla thunderbird 3.0.3

mozilla thunderbird 3.0.1

mozilla thunderbird 3.0.8

mozilla thunderbird 1.0.4

mozilla thunderbird 3.0.11

mozilla thunderbird 1.5.0.4

mozilla thunderbird 1.5.0.10

mozilla thunderbird 1.5.0.11

mozilla thunderbird 2.0.0.21

mozilla thunderbird 3.0.10

mozilla thunderbird 2.0.0.9

mozilla thunderbird 2.0.0.23

mozilla thunderbird 0.7

mozilla thunderbird 0.7.1

mozilla thunderbird 0.2

mozilla thunderbird 0.5

mozilla thunderbird 3.1.9

mozilla thunderbird

mozilla thunderbird 2.0.0.3

mozilla thunderbird 3.0.5

mozilla thunderbird 2.0.0.12

mozilla thunderbird 2.0.0.5

mozilla thunderbird 1.0.8

mozilla thunderbird 3.1.4

mozilla thunderbird 1.5.0.3

mozilla thunderbird 1.5.0.7

mozilla thunderbird 3.1.5

mozilla thunderbird 3.0.6

mozilla thunderbird 3.1.1

mozilla thunderbird 3.1

mozilla thunderbird 2.0.0.17

mozilla thunderbird 1.5.0.12

mozilla thunderbird 1.5.0.13

mozilla thunderbird 1.5.0.14

mozilla thunderbird 1.0.1

mozilla thunderbird 0.8

mozilla thunderbird 0.4

mozilla thunderbird 3.0.4

Vendor Advisories

Ubuntu Security Notice: firefox, xulrunner-1.9.2 vulnerabilities
Multiple Vulnerabilities were fixed in Firefox and Xulrunner ...
Ubuntu Security Notice: firefox regression
In rare instances, Firefox could have trouble accessing some websites ...
Ubuntu Security Notice: thunderbird vulnerabilities
Multiple vulnerabilities were fixed in Thunderbird ...
Debian Security Advisories: DSA-2268-1 iceweasel -- several vulnerabilities
Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox: CVE-2011-0083 / CVE-2011-2363 regenrecht discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code CVE-2011-0085 regenrecht discovered a use-after-free in XUL processing, which could lead to the execution o ...
Debian Security Advisories: DSA-2269-1 iceape -- several vulnerabilities
Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey: CVE-2011-0083 / CVE-2011-2363 regenrecht discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code CVE-2011-0085 regenrecht discovered a use-after-free in XUL processing, which could lead ...
Mozilla: Cookie isolation error
Mozilla Foundation Security Advisory 2011-24 Cookie isolation error Announced June 21, 2011 Reporter David Chan Impact Moderate Products Firefox, Thunderbird Fixed in Firefox 361 ...

References

CWE-264https://bugzilla.mozilla.org/show_bug.cgi?id=616264http://www.mozilla.org/security/announce/2011/mfsa2011-24.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:111http://www.redhat.com/support/errata/RHSA-2011-0885.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0888.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0887.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0886.htmlhttp://www.debian.org/security/2011/dsa-2268http://www.debian.org/security/2011/dsa-2273http://www.debian.org/security/2011/dsa-2269http://www.ubuntu.com/usn/USN-1149-1http://secunia.com/advisories/45002http://support.avaya.com/css/P8/documents/100144854http://support.avaya.com/css/P8/documents/100145333https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13693https://nvd.nist.govhttps://usn.ubuntu.com/1149-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook