CVE-2011-3661Mozilla Seamonkey vulnerability

CWE-3997 documents5 sources
Severity
7.5HIGHNVD
EPSS
4.5%
top 10.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Mozilla SeamonkeyMozilla FirefoxMozilla Thunderbird
Timeline
PublishedDec 21
Latest updateMay 17

Description

YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

NVDmozilla/seamonkey2.5+53
NVDmozilla/firefox10 versions+9
NVDmozilla/thunderbird7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-7vxj-v683-2w2w: YARR, as used in Mozilla Firefox 42022-05-17
CVEList
CVE-2011-3661: YARR, as used in Mozilla Firefox 42011-12-21

📋Vendor Advisories

4
Ubuntu
Thunderbird vulnerabilities2012-01-24
Ubuntu
Mozvoikko and ubufox update2012-01-06
Ubuntu
Firefox vulnerabilities2012-01-06
Red Hat
Mozilla: Multiple security flaws fixed in v3.6.25 (Mac) and v92011-12-20
CVE-2011-3661 — Mozilla Seamonkey vulnerability | cvebase