Published: 01/02/2012 Updated: 28/08/2020

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Use-after-free vulnerability in Mozilla Firefox prior to 3.6.26 and 4.x up to and including 9.0, Thunderbird prior to 3.1.18 and 5.0 up to and including 9.0, and SeaMonkey prior to 2.7 might allow remote malicious users to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox
mozilla seamonkey
mozilla thunderbird
opensuse opensuse 11.4
suse linux enterprise desktop 10
suse linux enterprise desktop 11
suse linux enterprise server 10
suse linux enterprise server 11
suse linux enterprise software development kit 10
suse linux enterprise software development kit 11

Synopsis Critical: thunderbird security update Type/Severity Security Advisory: Critical Topic An updated thunderbird package that fixes multiple security issues is nowavailable for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having criticalsecurity impact Common ...

Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic Updated firefox packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 4, 5, and 6The Red Hat Security Response Team has rated this update as having criticalsecurity impact Common V ...

Several security issues were fixed in Thunderbird ...

Several security issues were fixed in Firefox ...

Several security issues were fixed in Xulrunner ...

This update provides compatible ubufox and webfav packages for the latest Firefox ...

This update provides compatible Mozvoikko packages for the latest Firefox ...

Several security issues were fixed in Thunderbird ...

Mozilla Foundation Security Advisory 2012-04 Child nodes from nsDOMAttribute still accessible after removal of nodes Announced January 31, 2012 Reporter regenrecht Impact Critical Products Firefox, SeaMonkey, Thunderbird ...

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = AverageRanking i ...

@nyimol CVE-2011-3659 Firefox 9 exploit for MacOSX

CWE-416 https://bugzilla.mozilla.org/show_bug.cgi?id=708198 http://www.mozilla.org/security/announce/2012/mfsa2012-04.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14697 https://access.redhat.com/errata/RHSA-2012:0080 https://nvd.nist.gov https://www.exploit-db.com/exploits/18870/https://usn.ubuntu.com/1350-1/

CVE-2011-3659

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect