CVE-2011-3654
Publication date 9 November 2011
Last updated 24 July 2024
Ubuntu priority
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
Status
Package | Ubuntu Release | Status |
---|---|---|
firefox | 13.10 saucy |
Not affected
|
13.04 raring |
Not affected
|
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
11.10 oneiric |
Fixed 8.0+build1-0ubuntu0.11.10.3
|
|
11.04 natty |
Fixed 8.0+build1-0ubuntu0.11.04.3
|
|
10.10 maverick | Ignored end of life | |
10.04 LTS lucid |
Fixed
|
|
8.04 LTS hardy | Ignored end of life | |
seamonkey | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Ignored end of life | |
11.04 natty | Ignored end of life | |
10.10 maverick | Ignored end of life | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Ignored end of life | |
thunderbird | 13.10 saucy |
Not affected
|
13.04 raring |
Not affected
|
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
11.10 oneiric |
Fixed 8.0+build1-0ubuntu0.11.10.1
|
|
11.04 natty |
Fixed
|
|
10.10 maverick | Ignored end of life | |
10.04 LTS lucid |
Fixed
|
|
8.04 LTS hardy | Ignored end of life | |
xulrunner-1.9.2 | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
11.04 natty | Ignored end of life | |
10.10 maverick | Ignored end of life | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Ignored end of life | |
xulrunner-2.0 | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
11.04 natty | Ignored end of life | |
10.10 maverick | Not in release | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release |
References
Related Ubuntu Security Notices (USN)
- USN-1277-1
- Firefox vulnerabilities
- 23 November 2011
- USN-1282-1
- Thunderbird vulnerabilities
- 28 November 2011