CVE-2011-3671Mozilla Seamonkey vulnerability

CWE-3993 documents3 sources
Severity
7.5HIGHNVD
EPSS
1.8%
top 17.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Mozilla SeamonkeyMozilla FirefoxMozilla Thunderbird
Timeline
PublishedJun 18
Latest updateMay 17

Description

Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement.cpp in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allows remote attackers to execute arbitrary code via vectors involving removal of the parent node of an element.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

NVDmozilla/seamonkey2.5+53
NVDmozilla/firefox10 versions+9
NVDmozilla/thunderbird7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-j3fg-24fx-wv59: Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement2022-05-17
CVEList
CVE-2011-3671: Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement2012-06-18
CVE-2011-3671 — Mozilla Seamonkey vulnerability | cvebase