CVE-2011-0887
published 2011-02-08CVE-2011-0887: The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time…
PriorityP428medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
4.67%
90.6th percentile
The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| smc_networks | smcd3g-ccr_firmware | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Bugzilla
CVE-2011-2377 Mozilla Crash caused by corrupted JPEG image (MFSA 2011-21)
bugzilla·2011-06-21·CVSS 5.0
CVE-2011-2377 [MEDIUM] CVE-2011-2377 Mozilla Crash caused by corrupted JPEG image (MFSA 2011-21)
CVE-2011-2377 Mozilla Crash caused by corrupted JPEG image (MFSA 2011-21)
Security researcher Jordi Chancel reported that a JPEG image could be constructed that would be decoded incorrectly, causing data to be written past the end of a buffer created to store the image. An attacker could potentially craft such an image that would cause malicious code to be stored in memory and then later executed on a victim's computer.
Discussion:
Public now via:
[1] http://www.mozilla.org/security/announce/2011/mfsa2011-21.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Via RHSA-2011:0887 https://rhn.redhat.com/errata/RHSA-2011-0887.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RH
Bugzilla
CVE-2011-2373 Mozilla Use-after-free vulnerability when viewing XUL document with script disabled (MFSA 2011-20)
bugzilla·2011-06-20·CVSS 7.6
CVE-2011-2373 [HIGH] CVE-2011-2373 Mozilla Use-after-free vulnerability when viewing XUL document with script disabled (MFSA 2011-20)
CVE-2011-2373 Mozilla Use-after-free vulnerability when viewing XUL document with script disabled (MFSA 2011-20)
Security researcher Martin Barbella reported that under certain conditions,
viewing a XUL document while JavaScript caused deleted memory to be accessed.
This flaw could potentially be used by an attacker to crash a victim's
browser and run arbitrary code on their computer.
Discussion:
Public now via:
[1] http://www.mozilla.org/security/announce/2011/mfsa2011-20.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Via RHSA-2011:0887 https://rhn.redhat.com/errata/RHSA-2011-0887.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Via RHSA-2011:0888 https://rhn.redhat.com/
Bugzilla
CVE-2011-2362 Mozilla Cookie isolation error (MFSA 2011-24)
bugzilla·2011-06-20·CVSS 5.0
CVE-2011-2362 [MEDIUM] CVE-2011-2362 Mozilla Cookie isolation error (MFSA 2011-24)
CVE-2011-2362 Mozilla Cookie isolation error (MFSA 2011-24)
Mozilla security researcher David Chan reported that cookies set for example.com. (note the trailing dot) and example.com were treated as interchangeable. This is a violation of same-origin conventions and could potentially lead to leakage of cookie data to the wrong party.
This issue did not affect Firefox 4 or newer products.
Discussion:
Public now via:
[1] http://www.mozilla.org/security/announce/2011/mfsa2011-24.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Via RHSA-2011:0887 https://rhn.redhat.com/errata/RHSA-2011-0887.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2011:0886 https://rhn.redhat.c
Bugzilla
CVE-2011-2371 Mozilla Integer overflow and arbitrary code execution (MFSA 2011-22)
bugzilla·2011-06-20·CVSS 10.0
CVE-2011-2371 [CRITICAL] CVE-2011-2371 Mozilla Integer overflow and arbitrary code execution (MFSA 2011-22)
CVE-2011-2371 Mozilla Integer overflow and arbitrary code execution (MFSA 2011-22)
Security researchers Chris Rohlf and Yan Ivnitskiy of Matasano Security
reported that when a JavaScript Array object had its length set to an
extremely large value, the iteration of array elements that occurs when
its reduceRight method was subsequently called could result in the
execution of attacker controlled memory due to an invalid index value
being used to access element properties.
Discussion:
Public now via:
[1] http://www.mozilla.org/security/announce/2011/mfsa2011-22.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Via RHSA-2011:0887 https://rhn.redhat.com/errata/RHSA-2011-0887.html
---
This issue has been addressed in foll
http://seclists.org/bugtraq/2011/Feb/36http://secunia.com/advisories/43199http://securityreason.com/securityalert/8068http://www.exploit-db.com/exploits/16123/http://www.securityfocus.com/archive/1/516205/100/0/threadedhttp://www.securityfocus.com/bid/46215https://exchange.xforce.ibmcloud.com/vulnerabilities/65186https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txthttp://seclists.org/bugtraq/2011/Feb/36http://secunia.com/advisories/43199http://securityreason.com/securityalert/8068http://www.exploit-db.com/exploits/16123/http://www.securityfocus.com/archive/1/516205/100/0/threadedhttp://www.securityfocus.com/bid/46215https://exchange.xforce.ibmcloud.com/vulnerabilities/65186https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt
2011-02-08
Published