CVE-2011-2987

Published: 17 August 2011

Heap-based buffer overflow in Almost Native Graphics Layer Engine (ANGLE), as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to execute arbitrary code via unspecified vectors.

Priority

Medium

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream
Released (6.0)
firefox-3.0
Launchpad, Ubuntu, Debian
Upstream Needs triage
(Ubuntu source uses 3.6.x)
firefox-3.5
Launchpad, Ubuntu, Debian
Upstream Needs triage
(Ubuntu source uses 3.6.x)
seamonkey
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

thunderbird
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

xulrunner-1.9.2
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

xulrunner-2.0
Launchpad, Ubuntu, Debian
Upstream Needed