Published: 29/09/2011 Updated: 19/09/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x prior to 3.6.23 allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 3.6
mozilla firefox 3.6.2
mozilla firefox 3.6.11
mozilla firefox 3.6.12
mozilla firefox 3.6.19
mozilla firefox 3.6.20
mozilla firefox 3.6.6
mozilla firefox 3.6.7
mozilla firefox 3.6.8
mozilla firefox 3.6.15
mozilla firefox 3.6.16
mozilla firefox 3.6.3
mozilla firefox 3.6.4
mozilla firefox 3.6.13
mozilla firefox 3.6.14
mozilla firefox 3.6.21
mozilla firefox 3.6.22
mozilla firefox 3.6.9
mozilla firefox 3.6.10
mozilla firefox 3.6.17
mozilla firefox 3.6.18

Multiple vulnerabilities were fixed in Thunderbird ...

Multiple vulnerabilities have been fixed in Firefox and Xulrunner ...

Mozilla Foundation Security Advisory 2011-36 Miscellaneous memory safety hazards (rv:70 / rv:19223) Announced September 27, 2011 Reporter Mozilla developers and community Impact Critical Products Firefox, SeaMonkey, Thund ...

NVD-CWE-noinfo http://www.mozilla.org/security/announce/2011/mfsa2011-36.html https://bugzilla.mozilla.org/show_bug.cgi?id=555018 http://www.mandriva.com/security/advisories?name=MDVSA-2011:139 http://www.mandriva.com/security/advisories?name=MDVSA-2011:140 http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00020.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14064 https://nvd.nist.gov https://usn.ubuntu.com/1213-1/

CVE-2011-2996

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect