CVE-2011-3660
Published: 20 December 2011
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
firefox Launchpad, Ubuntu, Debian |
hardy |
Ignored
(reached end-of-life)
|
| lucid |
Released
(9.0.1+build1-0ubuntu0.10.04.2)
|
|
| maverick |
Ignored
(reached end-of-life)
|
|
| natty |
Released
(9.0.1+build1-0ubuntu0.11.04.1)
|
|
| oneiric |
Released
(9.0.1+build1-0ubuntu0.11.10.2)
|
|
| precise |
Not vulnerable
|
|
| quantal |
Not vulnerable
|
|
| raring |
Not vulnerable
|
|
| saucy |
Not vulnerable
|
|
| upstream |
Needs triage
|
|
|
seamonkey Launchpad, Ubuntu, Debian |
hardy |
Ignored
(reached end-of-life)
|
| lucid |
Ignored
(reached end-of-life)
|
|
| maverick |
Ignored
(reached end-of-life)
|
|
| natty |
Ignored
(reached end-of-life)
|
|
| oneiric |
Ignored
(reached end-of-life)
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
thunderbird Launchpad, Ubuntu, Debian |
hardy |
Ignored
(reached end-of-life)
|
| lucid |
Released
|
|
| maverick |
Ignored
(reached end-of-life)
|
|
| natty |
Released
|
|
| oneiric |
Released
(9.0+build2-0ubuntu0.11.10.1)
|
|
| precise |
Not vulnerable
(11.0.1+build1-0ubuntu2)
|
|
| quantal |
Not vulnerable
(15.0+build1-0ubuntu1)
|
|
| raring |
Not vulnerable
(15.0+build1-0ubuntu1)
|
|
| saucy |
Not vulnerable
(15.0+build1-0ubuntu1)
|
|
| upstream |
Released
(9.0)
|
|
|
xulrunner-1.9.2 Launchpad, Ubuntu, Debian |
hardy |
Ignored
(reached end-of-life)
|
| lucid |
Ignored
(see notes)
|
|
| maverick |
Ignored
(reached end-of-life)
|
|
| natty |
Ignored
(universe-binary)
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
xulrunner-2.0 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| maverick |
Does not exist
|
|
| natty |
Ignored
(does not process internet content)
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Needs triage
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3660
- http://www.mozilla.org/security/announce/2011/mfsa2011-53.html
- https://ubuntu.com/security/notices/USN-1306-1
- https://ubuntu.com/security/notices/USN-1343-1
- NVD
- Launchpad
- Debian
Bugs
- https://bugzilla.mozilla.org/show_bug.cgi?id=706249
- https://bugzilla.mozilla.org/show_bug.cgi?id=701637
- https://bugzilla.mozilla.org/show_bug.cgi?id=701248
- https://bugzilla.mozilla.org/show_bug.cgi?id=700512
- https://bugzilla.mozilla.org/show_bug.cgi?id=697255
- https://bugzilla.mozilla.org/show_bug.cgi?id=696579
- https://bugzilla.mozilla.org/show_bug.cgi?id=694200
- https://bugzilla.mozilla.org/show_bug.cgi?id=693144
- https://bugzilla.mozilla.org/show_bug.cgi?id=693143
- https://bugzilla.mozilla.org/show_bug.cgi?id=691873
- https://bugzilla.mozilla.org/show_bug.cgi?id=691746
- https://bugzilla.mozilla.org/show_bug.cgi?id=690376
- https://bugzilla.mozilla.org/show_bug.cgi?id=689892
- https://bugzilla.mozilla.org/show_bug.cgi?id=688974
- https://bugzilla.mozilla.org/show_bug.cgi?id=688364
- https://bugzilla.mozilla.org/show_bug.cgi?id=686107
- https://bugzilla.mozilla.org/show_bug.cgi?id=685321
- https://bugzilla.mozilla.org/show_bug.cgi?id=685186
- https://bugzilla.mozilla.org/show_bug.cgi?id=682252
- https://bugzilla.mozilla.org/show_bug.cgi?id=680687
- https://bugzilla.mozilla.org/show_bug.cgi?id=679986
- https://bugzilla.mozilla.org/show_bug.cgi?id=679494
- https://bugzilla.mozilla.org/show_bug.cgi?id=562442