Fluid Attacks Database

Description

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel6	thunderbird	<0:3.1.10-1.el6_0	0:3.1.10-1.el6_0
rpm rhel5	xulrunner	<0:1.9.2.17-3.el5_6	0:1.9.2.17-3.el5_6
rpm rhel6	xulrunner	<0:1.9.2.17-4.el6_0	0:1.9.2.17-4.el6_0
rpm rhel6	firefox	<0:3.6.17-1.el6_0	0:3.6.17-1.el6_0
rpm rhel5	firefox	<0:3.6.17-1.el5_6	0:3.6.17-1.el5_6

Aliases

1. CVE-2011-00702. NVD-2011-00703. OSV-2011-0070

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.