Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2011-2371

Published: 30/06/2011 Updated: 19/09/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Mozilla

Vulnerability Summary

Integer overflow in the Array.reduceRight method in Mozilla Firefox prior to 3.6.18 and 4.x up to and including 4.0.1, Thunderbird prior to 3.1.11, and SeaMonkey up to and including 2.0.14 allows remote malicious users to execute arbitrary code via vectors involving a long JavaScript Array object.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla seamonkey 1.0

mozilla seamonkey 1.0.1

mozilla seamonkey 1.0.9

mozilla seamonkey 1.1

mozilla seamonkey 1.1.13

mozilla seamonkey 1.1.14

mozilla seamonkey 1.1.3

mozilla seamonkey 1.1.4

mozilla seamonkey 1.1.5

mozilla seamonkey 1.5.0.10

mozilla seamonkey 1.5.0.8

mozilla seamonkey 2.0

mozilla seamonkey 2.0.7

mozilla seamonkey 2.0.8

mozilla seamonkey 1.0.7

mozilla seamonkey 1.0.8

mozilla seamonkey 1.1.11

mozilla seamonkey 1.1.12

mozilla seamonkey 1.1.19

mozilla seamonkey 1.1.2

mozilla seamonkey 2.0.3

mozilla seamonkey 2.0.4

mozilla seamonkey 2.0.5

mozilla seamonkey 2.0.6

mozilla seamonkey 2.0.13

mozilla seamonkey 2.0.14

mozilla seamonkey 1.0.5

mozilla seamonkey 1.0.6

mozilla seamonkey 1.1.17

mozilla seamonkey 1.1.18

mozilla seamonkey 1.1.8

mozilla seamonkey 1.1.9

mozilla seamonkey 2.0.1

mozilla seamonkey 2.0.2

mozilla seamonkey 2.0.11

mozilla seamonkey 2.0.12

mozilla seamonkey 1.0.2

mozilla seamonkey 1.0.3

mozilla seamonkey 1.0.4

mozilla seamonkey 1.1.1

mozilla seamonkey 1.1.10

mozilla seamonkey 1.1.15

mozilla seamonkey 1.1.16

mozilla seamonkey 1.1.6

mozilla seamonkey 1.1.7

mozilla seamonkey 1.5.0.9

mozilla seamonkey 2.0.9

mozilla seamonkey 2.0.10

mozilla firefox 3.5.1

mozilla firefox 3.5.10

mozilla firefox 3.5.9

mozilla firefox 3.0.12

mozilla firefox 3.0.11

mozilla firefox 3.0.4

mozilla firefox 3.0.3

mozilla firefox 2.0.0.20

mozilla firefox 2.0.0.8

mozilla firefox 2.0.0.7

mozilla firefox 2.0

mozilla firefox 2.0.0.1

mozilla firefox 1.5

mozilla firefox 1.5.0.1

mozilla firefox 1.5.0.6

mozilla firefox 1.5.0.7

mozilla firefox 1.0

mozilla firefox 1.0.3

mozilla firefox 3.5.11

mozilla firefox 3.5.12

mozilla firefox 3.6

mozilla firefox 3.6.12

mozilla firefox 3.6.10

mozilla firefox 3.6.9

mozilla firefox 3.5.6

mozilla firefox 3.5.7

mozilla firefox 3.0.14

mozilla firefox 3.0.13

mozilla firefox 3.0.6

mozilla firefox 3.0.5

mozilla firefox 2.0.0.12

mozilla firefox 2.0.0.19

mozilla firefox 2.0.0.15

mozilla firefox 2.0.0.13

mozilla firefox 2.0.0.3

mozilla firefox 2.0.0.2

mozilla firefox 1.5.0.11

mozilla firefox 1.5.0.12

mozilla firefox 1.5.0.8

mozilla firefox 1.5.0.9

mozilla firefox 1.5.5

mozilla firefox 1.0.1

mozilla firefox 1.0.6

mozilla firefox 1.0.8

mozilla firefox 3.5.17

mozilla firefox 3.6.4

mozilla firefox 3.6.3

mozilla firefox 3.6.11

mozilla firefox 3.6.15

mozilla firefox 3.6.16

mozilla firefox

mozilla firefox 3.5.4

mozilla firefox 3.5.5

mozilla firefox 3.0.17

mozilla firefox 3.0.16

mozilla firefox 3.0.15

mozilla firefox 3.0.8

mozilla firefox 3.0.7

mozilla firefox 3.0

mozilla firefox 2.0.0.14

mozilla firefox 2.0.0.10

mozilla firefox 2.0.0.16

mozilla firefox 2.0.0.11

mozilla firefox 2.0.0.5

mozilla firefox 2.0.0.4

mozilla firefox 1.5.0.2

mozilla firefox 1.5.0.3

mozilla firefox 1.5.1

mozilla firefox 1.5.2

mozilla firefox 1.5.7

mozilla firefox 1.5.6

mozilla firefox 1.0.4

mozilla firefox 3.5.2

mozilla firefox 3.5.3

mozilla firefox 3.5.8

mozilla firefox 3.5

mozilla firefox 3.0.10

mozilla firefox 3.0.9

mozilla firefox 3.0.2

mozilla firefox 3.0.1

mozilla firefox 2.0.0.9

mozilla firefox 2.0.0.17

mozilla firefox 2.0.0.18

mozilla firefox 2.0.0.6

mozilla firefox 1.0.7

mozilla firefox 3.5.15

mozilla firefox 3.5.16

mozilla firefox 3.6.6

mozilla firefox 3.6.7

mozilla firefox 3.5.19

mozilla firefox 3.6.14

mozilla firefox 1.5.0.4

mozilla firefox 1.5.0.5

mozilla firefox 1.5.0.10

mozilla firefox 1.5.3

mozilla firefox 1.5.4

mozilla firefox 1.5.8

mozilla firefox 1.0.2

mozilla firefox 1.0.5

mozilla firefox 3.5.13

mozilla firefox 3.5.14

mozilla firefox 3.6.2

mozilla firefox 3.6.8

mozilla firefox 3.6.13

mozilla firefox 3.5.18

mozilla thunderbird 2.0.0.1

mozilla thunderbird 1.5.0.8

mozilla thunderbird 1.5.2

mozilla thunderbird 3.0.3

mozilla thunderbird 3.0.1

mozilla thunderbird 3.0.8

mozilla thunderbird 1.0.4

mozilla thunderbird 3.0.11

mozilla thunderbird 1.5.0.4

mozilla thunderbird 1.5.0.10

mozilla thunderbird 1.5.0.11

mozilla thunderbird 2.0.0.21

mozilla thunderbird 3.0.10

mozilla thunderbird 2.0.0.9

mozilla thunderbird 2.0.0.23

mozilla thunderbird 0.7

mozilla thunderbird 0.7.1

mozilla thunderbird 0.2

mozilla thunderbird 0.5

mozilla thunderbird 3.1.9

mozilla thunderbird 2.0.0.2

mozilla thunderbird 1.5.0.9

mozilla thunderbird 3.0.2

mozilla thunderbird 2.0.0.4

mozilla thunderbird 2.0.0.8

mozilla thunderbird 1.0.2

mozilla thunderbird 1.0.3

mozilla thunderbird 3.1.7

mozilla thunderbird 3.1.3

mozilla thunderbird 1.5.0.1

mozilla thunderbird 3.0.9

mozilla thunderbird 2.0.0.7

mozilla thunderbird 2.0

mozilla thunderbird 1.5.0.5

mozilla thunderbird 2.0.0.22

mozilla thunderbird 0.7.2

mozilla thunderbird 2.0.0.3

mozilla thunderbird 3.0.5

mozilla thunderbird 2.0.0.12

mozilla thunderbird 2.0.0.5

mozilla thunderbird 1.0.8

mozilla thunderbird 1.5

mozilla thunderbird 3.1.4

mozilla thunderbird 1.5.0.3

mozilla thunderbird 1.5.0.7

mozilla thunderbird 3.1.5

mozilla thunderbird 3.0.6

mozilla thunderbird 3.1.1

mozilla thunderbird 3.1

mozilla thunderbird 2.0.0.17

mozilla thunderbird 1.5.0.12

mozilla thunderbird 1.5.0.13

mozilla thunderbird 1.5.0.14

mozilla thunderbird 1.0.1

mozilla thunderbird 0.8

mozilla thunderbird 0.4

mozilla thunderbird 3.0.4

mozilla thunderbird 0.7.3

mozilla thunderbird 0.9

mozilla thunderbird 0.1

mozilla thunderbird 2.0.0.18

mozilla thunderbird 3.1.8

mozilla thunderbird

mozilla thunderbird 2.0.0.0

mozilla thunderbird 3.0

mozilla thunderbird 1.5.1

mozilla thunderbird 2.0.0.19

mozilla thunderbird 1.0.6

mozilla thunderbird 1.0.7

mozilla thunderbird 3.0.7

mozilla thunderbird 1.0.5

mozilla thunderbird 3.1.6

mozilla thunderbird 1.5.0.6

mozilla thunderbird 1.5.0.2

mozilla thunderbird 3.1.2

mozilla thunderbird 2.0.0.16

mozilla thunderbird 2.0.0.14

mozilla thunderbird 1.7.1

mozilla thunderbird 1.7.3

mozilla thunderbird 2.0.0.6

mozilla thunderbird 1.0

mozilla thunderbird 0.6

mozilla thunderbird 0.3

mozilla firefox 4.0

mozilla firefox 4.0.1

Vendor Advisories

Debian Security Advisories: DSA-2268-1 iceweasel -- several vulnerabilities
Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox: CVE-2011-0083 / CVE-2011-2363 regenrecht discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code CVE-2011-0085 regenrecht discovered a use-after-free in XUL processing, which could lead to the execution o ...
Debian Security Advisories: DSA-2269-1 iceape -- several vulnerabilities
Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey: CVE-2011-0083 / CVE-2011-2363 regenrecht discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code CVE-2011-0085 regenrecht discovered a use-after-free in XUL processing, which could lead ...
Ubuntu Security Notice: firefox vulnerabilities
Multiple Firefox vulnerabilities have been fixed ...
Ubuntu Security Notice: firefox, xulrunner-1.9.2 vulnerabilities
Multiple Vulnerabilities were fixed in Firefox and Xulrunner ...
Ubuntu Security Notice: firefox regression
In rare instances, Firefox could have trouble accessing some websites ...
Ubuntu Security Notice: thunderbird vulnerabilities
Multiple vulnerabilities were fixed in Thunderbird ...
Ubuntu Security Notice: firefox regression
Under certain circumstances, the updated translations could unintentionally install firefox ...
Ubuntu Security Notice: mozvoikko, ubufox, webfav update
This update provides provides packages compatible with Firefox 5 ...
Mozilla: Integer overflow and arbitrary code execution in Array.reduceRight()
Mozilla Foundation Security Advisory 2011-22 Integer overflow and arbitrary code execution in ArrayreduceRight() Announced June 21, 2011 Reporter Chris Rohlf and Yan Ivnitskiy Impact Critical Products Firefox, SeaMonkey, Thu ...

Exploits

Exploit DB: Mozilla Firefox 4.0.1 - 'Array.reduceRight()' Remote Overflow
<!-- Full Exploit Code: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18531zip PoC exploit for CVE-2011-2371 tested against Firefox 401 md5 of mozjsdll: 5d7ffcc9deb5bb08417ceae51d2afed4 change constants to switch between w7/xp see my blog if you want to know how this works gdtrwordpresscom/ ...
Exploit DB: Mozilla Firefox - 'Array.reduceRight()' Integer Overflow (Metasploit) (2)
## # $Id: mozilla_reducerightrb 13909 2011-10-13 03:16:15Z sinn3r $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' ...
Exploit DB: Mozilla Firefox - 'Array.reduceRight()' Integer Overflow (1)
# Title: Mozilla Firefox ArrayreduceRight() Integer Overflow Exploit # Date: 12 Oct 2011 # Author: Matteo Memelli ryujin -AT- offensive-securitycom # CVE-2011-2371 # Full exploit package: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/17974zip <html> <head> <title>ff-i-<3-u</title> ...
Exploit DB: Mozilla Firefox Integer Overflow
Mozilla Firefox Integer Overflow | Mozilla Firefox ArrayreduceRight() integer overflow exploit James Besmertnuk has reported that this vulnerability is still present in Firefox version 901 ...
Exploit DB: Mozilla Firefox 4.0.1 Integer Overflow
Mozilla Firefox version 401 ArrayreduceRight() integer overflow exploit ...

Github Repositories

https://github.com/xqrt/exploit_development

Repository to archive exploit development code and notes

expliot_development Repository to archive exploit development code and notes Table of Contents * [CVE-2011-2371: Vulnerability Discovery](#cve-2011-2371-vulnerability-discovery) * [CVE-2011-2371: Exploitation](#cve-2011-2371-exploitation) Exploits CVE-2011-2371 ArrayreduceRight() info leak and potential code execution (bugzilla

References

CWE-189http://www.mozilla.org/security/announce/2011/mfsa2011-22.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=664009http://www.mandriva.com/security/advisories?name=MDVSA-2011:111http://www.redhat.com/support/errata/RHSA-2011-0885.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0888.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0887.htmlhttp://www.debian.org/security/2011/dsa-2268http://www.debian.org/security/2011/dsa-2273http://www.debian.org/security/2011/dsa-2269http://www.ubuntu.com/usn/USN-1149-1http://secunia.com/advisories/45002http://support.avaya.com/css/P8/documents/100144854http://support.avaya.com/css/P8/documents/100145333http://securityreason.com/securityalert/8472https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13987https://nvd.nist.govhttps://github.com/xqrt/exploit_developmenthttps://www.debian.org/security/./dsa-2268https://www.exploit-db.com/exploits/18531/https://usn.ubuntu.com/1157-1/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook