CVE-2011-2980

Publication date 18 August 2011

Last updated 24 July 2024


Ubuntu priority

Untrusted search path vulnerability in the ThinkPadSensor::Startup function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, allows local users to gain privileges by leveraging write access in an unspecified directory to place a Trojan horse DLL that is loaded into the running Firefox process.

Read the notes from the security team

Status

Package Ubuntu Release Status
firefox 11.04 natty
Fixed 6.0+build1+nobinonly-0ubuntu0.11.04.1
10.10 maverick
Fixed 3.6.20+build1+nobinonly-0ubuntu0.10.10.1
10.04 LTS lucid
Fixed 3.6.20+build1+nobinonly-0ubuntu0.10.04.1
8.04 LTS hardy Ignored end of life
seamonkey 11.04 natty Ignored
10.10 maverick Ignored
10.04 LTS lucid Ignored
8.04 LTS hardy Ignored end of life
thunderbird 11.04 natty
Fixed 3.1.13+build1+nobinonly-0ubuntu0.11.04.1
10.10 maverick
Fixed 3.1.13+build1+nobinonly-0ubuntu0.10.10.1
10.04 LTS lucid
Fixed 3.1.13+build1+nobinonly-0ubuntu0.10.04.1
8.04 LTS hardy Ignored end of life
xulrunner-1.9.2 11.04 natty Ignored
10.10 maverick
Fixed 1.9.2.20+build1+nobinonly-0ubuntu0.10.10.1
10.04 LTS lucid
Fixed 1.9.2.20+build1+nobinonly-0ubuntu0.10.04.1
8.04 LTS hardy Ignored end of life
xulrunner-2.0 11.04 natty Ignored
10.10 maverick Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release

Notes


jdstrand

Windows only