CVE-2011-0054Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents6 sources
Severity
10.0CRITICALNVD
EPSS
9.2%
top 7.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxMozilla Seamonkey
Timeline
PublishedMar 2
Latest updateMay 3

Description

Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving non-local JavaScript variables, aka an "upvarMap" issue.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDmozilla/firefox3.5.16+97
NVDmozilla/seamonkey2.0.11+44

🔴Vulnerability Details

2
GHSA
GHSA-hcxw-mjf4-w83r: Buffer overflow in the JavaScript engine in Mozilla Firefox before 32022-05-03
CVEList
CVE-2011-0054: Buffer overflow in the JavaScript engine in Mozilla Firefox before 32011-03-02

📋Vendor Advisories

4
Ubuntu
Xulrunner vulnerabilities2011-04-30
Ubuntu
Firefox and Xulrunner regression2011-03-07
Ubuntu
Firefox and Xulrunner vulnerabilities2011-03-03
Red Hat
Mozilla Buffer overflow in JavaScript upvarMap (MFSA 2011-04)2011-03-01

💬Community

1
Bugzilla
CVE-2011-0054 Mozilla Buffer overflow in JavaScript upvarMap (MFSA 2011-04)2011-02-04
CVE-2011-0054 — Mozilla Firefox vulnerability | cvebase