PT-2011-2063 · Mozilla+1 · Seamonkey+2

Regenrecht

·

Publicado

2011-04-29

·

Atualizado

2017-09-19

·

CVE-2011-0073

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 3.5.19 Mozilla Firefox versions 3.6.x prior to 3.6.17 SeaMonkey versions prior to 2.0.14
Description The issue is related to the improper use of nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."
Recommendations For Mozilla Firefox versions prior to 3.5.19, update to version 3.5.19 or later. For Mozilla Firefox versions 3.6.x prior to 3.6.17, update to version 3.6.17 or later. For SeaMonkey versions prior to 2.0.14, update to version 2.0.14 or later.

Exploit

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2011-0073
DSA-2227-1
DSA-2228-1
DSA-2235-1
RHSA-2011:0471
RHSA-2011:0473
RHSA-2011:0474
RHSA-2011:0475
RHSA-2011_0471
RHSA-2011_0473
RHSA-2011_0474
RHSA-2011_0475
ZDI-11-157

Produtos afetados

Firefox
Red Hat
Seamonkey