CVE-2011-0058 - OpenCVE

Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long string that triggers construction of a long text run.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Mozilla	Firefox Seamonkey
Redhat	Enterprise Linux

Configuration 1 [-]

AND

OR	cpe:2.3:a:mozilla:firefox:3.6:::::::*
	cpe:2.3:a:mozilla:firefox:3.6.2:::::::*
	cpe:2.3:a:mozilla:firefox:3.6.3:::::::*
	cpe:2.3:a:mozilla:firefox:3.6.4:::::::*
	cpe:2.3:a:mozilla:firefox:3.6.6:::::::*
	cpe:2.3:a:mozilla:firefox:3.6.7:::::::*
	cpe:2.3:a:mozilla:firefox:3.6.8:::::::*
	cpe:2.3:a:mozilla:firefox:3.6.9:::::::*
	cpe:2.3:a:mozilla:firefox:3.6.10:::::::*
	cpe:2.3:a:mozilla:firefox:3.6.11:::::::*
	cpe:2.3:a:mozilla:firefox:3.6.12:::::::*
	cpe:2.3:a:mozilla:firefox:3.6.13:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:a:mozilla:seamonkey::::::::
	cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0:alpha::::::
	cpe:2.3:a:mozilla:seamonkey:1.0:beta::::::
	cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1:alpha::::::
	cpe:2.3:a:mozilla:seamonkey:1.1:beta::::::
	cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::*
	cpe:2.3:a:mozilla:seamonkey:2.0:::::::*
	cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1::::::
	cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2::::::
	cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3::::::
	cpe:2.3:a:mozilla:seamonkey:2.0:beta_1::::::
	cpe:2.3:a:mozilla:seamonkey:2.0:beta_2::::::
	cpe:2.3:a:mozilla:seamonkey:2.0:rc1::::::
	cpe:2.3:a:mozilla:seamonkey:2.0:rc2::::::
	cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::*
	cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::*
	cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::*
	cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::*
	cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::*
	cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::*
	cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::*
	cpe:2.3:a:mozilla:seamonkey:2.0.8:::::::*
	cpe:2.3:a:mozilla:seamonkey:2.0.9:::::::*
	cpe:2.3:a:mozilla:seamonkey:2.0.10:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 3 [-]

AND

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox:1.0:::::::*
	cpe:2.3:a:mozilla:firefox:1.0:preview_release::::::
	cpe:2.3:a:mozilla:firefox:1.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.2:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.3:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.4:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.5:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.6:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.7:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.8:::::::*
	cpe:2.3:a:mozilla:firefox:1.5:::::::*
	cpe:2.3:a:mozilla:firefox:1.5:beta1::::::
	cpe:2.3:a:mozilla:firefox:1.5:beta2::::::
	cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.9:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.10:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.11:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.12:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.1:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.2:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.3:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.4:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.5:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.6:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.7:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.8:::::::*
	cpe:2.3:a:mozilla:firefox:2.0:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.2:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.3:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.4:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.5:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.6:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.7:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.8:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.9:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.10:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.11:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.12:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.13:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.14:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.15:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.16:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.17:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.18:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.19:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.20:::::::*
	cpe:2.3:a:mozilla:firefox:3.0:::::::*
	cpe:2.3:a:mozilla:firefox:3.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:3.0.2:::::::*
	cpe:2.3:a:mozilla:firefox:3.0.3:::::::*
	cpe:2.3:a:mozilla:firefox:3.0.4:::::::*
	cpe:2.3:a:mozilla:firefox:3.0.5:::::::*
	cpe:2.3:a:mozilla:firefox:3.0.6:::::::*
	cpe:2.3:a:mozilla:firefox:3.0.7:::::::*
	cpe:2.3:a:mozilla:firefox:3.0.8:::::::*
cpe:2.3:a:mozilla:firefox:3.0.9:::::::*
cpe:2.3:a:mozilla:firefox:3.0.10:::::::*
cpe:2.3:a:mozilla:firefox:3.0.11:::::::*
cpe:2.3:a:mozilla:firefox:3.0.12:::::::*
cpe:2.3:a:mozilla:firefox:3.0.13:::::::*
cpe:2.3:a:mozilla:firefox:3.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.0.15:::::::*
cpe:2.3:a:mozilla:firefox:3.0.16:::::::*
cpe:2.3:a:mozilla:firefox:3.0.17:::::::*
cpe:2.3:a:mozilla:firefox:3.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.1:::::::*
cpe:2.3:a:mozilla:firefox:3.5.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.4:::::::*
cpe:2.3:a:mozilla:firefox:3.5.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.6:::::::*
cpe:2.3:a:mozilla:firefox:3.5.7:::::::*
cpe:2.3:a:mozilla:firefox:3.5.8:::::::*
cpe:2.3:a:mozilla:firefox:3.5.9:::::::*
cpe:2.3:a:mozilla:firefox:3.5.10:::::::*
cpe:2.3:a:mozilla:firefox:3.5.11:::::::*
cpe:2.3:a:mozilla:firefox:3.5.12:::::::*
cpe:2.3:a:mozilla:firefox:3.5.13:::::::*
cpe:2.3:a:mozilla:firefox:3.5.14:::::::*
cpe:2.3:a:mozilla:firefox:3.5.15:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 4
firefox-0:3.6.14-4.el4	cpe:/o:redhat:enterprise_linux:4	RHSA-2011:0310	2011-03-02T00:00:00Z
Red Hat Enterprise Linux 5
firefox-0:3.6.14-4.el5_6	cpe:/o:redhat:enterprise_linux:5	RHSA-2011:0310	2011-03-02T00:00:00Z
xulrunner-0:1.9.2.14-4.el5_6	cpe:/o:redhat:enterprise_linux:5	RHSA-2011:0310	2011-03-02T00:00:00Z
Red Hat Enterprise Linux 6
firefox-0:3.6.14-4.el6_0	cpe:/o:redhat:enterprise_linux:6	RHSA-2011:0310	2011-03-02T00:00:00Z
xulrunner-0:1.9.2.14-3.el6_0	cpe:/o:redhat:enterprise_linux:6	RHSA-2011:0310	2011-03-02T00:00:00Z

References

Link	Providers
http://downloads.avaya.com/css/P8/documents/100133195
http://www.mandriva.com/security/advisories?name=MDVSA-2011:041
http://www.mozilla.org/security/announce/2011/mfsa2011-07.html
http://www.securityfocus.com/bid/46660
https://bugzilla.mozilla.org/show_bug.cgi?id=607160
https://nvd.nist.gov/vuln/detail/CVE-2011-0058
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14254
https://www.cve.org/CVERecord?id=CVE-2011-0058

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-03-02T19:00:00

Updated: 2024-08-06T21:43:13.921Z

Reserved: 2010-12-21T00:00:00

Link: CVE-2011-0058

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-03-02T20:00:01.583

Modified: 2017-09-19T01:31:51.880

Link: CVE-2011-0058

Redhat

Severity : Critical

Publid Date: 2011-03-01T00:00:00Z

Links: CVE-2011-0058 - Bugzilla

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object