Published: 21/12/2011 Updated: 19/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Mozilla Firefox 4.x up to and including 8.0, Thunderbird 5.0 up to and including 8.0, and SeaMonkey prior to 2.6 allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via an Ogg VIDEO element that is not properly handled after scaling.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 4.0
mozilla firefox 5.0
mozilla firefox 8.0
mozilla thunderbird 5.0
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.11
mozilla seamonkey 2.0.1
mozilla seamonkey 1.1.11
mozilla seamonkey 1.0
mozilla seamonkey 1.1.10
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0
mozilla seamonkey 1.0.99
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.1.7
mozilla seamonkey 1.1.9
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.2
mozilla seamonkey 1.0.4
mozilla seamonkey 1.0.3
mozilla firefox 5.0.1
mozilla firefox 6.0
mozilla thunderbird 6.0
mozilla thunderbird 6.0.1
mozilla seamonkey 1.1.16
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.4
mozilla seamonkey 2.0.4
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.18
mozilla seamonkey 2.1
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.1.13
mozilla seamonkey 1.0.2
mozilla seamonkey
mozilla firefox 7.0
mozilla firefox 7.0.1
mozilla thunderbird 7.0.1
mozilla thunderbird 8.0
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.15
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.7
mozilla seamonkey 2.0a1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.5
mozilla firefox 4.0.1
mozilla firefox 6.0.1
mozilla firefox 6.0.2
mozilla thunderbird 6.0.2
mozilla thunderbird 7.0
mozilla seamonkey 2.0.6
mozilla seamonkey 2.0.5
mozilla seamonkey 2.0.12
mozilla seamonkey 1.1.8
mozilla seamonkey 2.0.8
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0.9
mozilla seamonkey 1.0.8
mozilla seamonkey 1.0.7
mozilla seamonkey 1.0.1

Several security issues were fixed in Firefox ...

This update provides compatible packages for Firefox 9 ...

Several security issues were fixed in Thunderbird ...

Mozilla Foundation Security Advisory 2011-58 Crash scaling <video> to extreme sizes Announced December 20, 2011 Reporter sczimmer Impact Critical Products Firefox, SeaMonkey, Thunderbird Fixed in ...

CWE-399 https://bugzilla.mozilla.org/show_bug.cgi?id=701259 http://www.mozilla.org/security/announce/2011/mfsa2011-58.html http://www.securitytracker.com/id?1026447 http://osvdb.org/77956 http://www.securitytracker.com/id?1026446 http://secunia.com/advisories/47302 http://www.mandriva.com/security/advisories?name=MDVSA-2011:192 http://secunia.com/advisories/47334 http://www.securitytracker.com/id?1026445 http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00009.html https://exchange.xforce.ibmcloud.com/vulnerabilities/71913 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14640 https://nvd.nist.gov https://usn.ubuntu.com/1306-1/

CVE-2011-3665

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect