CVE-2011-2364 — Out-of-bounds Write in Mozilla Thunderbird

10 documents5 sources

Severity

10.0CRITICALNVD

EPSS

2.8%

top 13.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Thunderbird Mozilla Firefox

Timeline

PublishedJun 30

Latest updateMay 17

Description

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2365.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDmozilla/thunderbird3.1.10+82

▶NVDmozilla/firefox15 versions+14

🔴Vulnerability Details

GHSA

GHSA-r27c-hh5c-3f96: Unspecified vulnerability in the browser engine in Mozilla Firefox 3↗2022-05-17

▶

GHSA

GHSA-3jmq-gj9r-gh7x: Unspecified vulnerability in the browser engine in Mozilla Firefox 3↗2022-05-17

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2011-07-15

▶

Ubuntu

Firefox regression↗2011-06-29

▶

Ubuntu

Firefox and Xulrunner vulnerabilities↗2011-06-22

▶

Red Hat

Mozilla Miscellaneous memory safety hazards (MFSA 2011-19)↗2011-06-21

▶

Red Hat

Mozilla Miscellaneous memory safety hazards (MFSA 2011-19)↗2011-06-21

▶

💬Community

Bugzilla

CVE-2011-2364 CVE-2011-2365 CVE-2011-2374 CVE-2011-2375 CVE-2011-2376 CVE-2011-2605 Mozilla Miscellaneous memory safety hazards (MFSA 2011-19)↗2011-06-20

▶