CVE-2011-2369

Publication date 24 June 2011

Last updated 24 July 2024


Ubuntu priority

Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity.

Status

Package Ubuntu Release Status
firefox 12.10 quantal
Not affected
12.04 LTS precise
Not affected
11.10 oneiric
Not affected
11.04 natty
Fixed 5.0+build1+nobinonly-0ubuntu0.11.04.1
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
8.04 LTS hardy Ignored end of life
firefox-3.0 12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Ignored end of life
firefox-3.5 12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
seamonkey 12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric
Not affected
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
8.04 LTS hardy Ignored end of life
thunderbird 12.10 quantal
Not affected
12.04 LTS precise
Not affected
11.10 oneiric
Not affected
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
8.04 LTS hardy Ignored end of life
xulrunner-1.9.2 12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
8.04 LTS hardy Ignored end of life
xulrunner-2.0 12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
11.04 natty Ignored end of life
10.10 maverick Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release

References

Related Ubuntu Security Notices (USN)

Other references