You are here

CVE-2011-2999

Vincent (CVE) Danen's picture
Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170.

Details Source

Mitre

Public Date

2011-09-28 00:00:00

Impact

Critical

Bugzilla

CVE-2011-2999 Mozilla: XSS via plugins and shadowed window.location object (MFSA 2011-38)

Bugzilla ID

741 904

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server) (thunderbird) RHSA-2011:1343 2011-09-28
Red Hat Enterprise Linux 5 (thunderbird) RHSA-2011:1343 2011-09-28
Red Hat Enterprise Linux 5 (firefox) RHSA-2011:1341 2011-09-28
Red Hat Enterprise Linux 6 (firefox) RHSA-2011:1341 2011-09-28
Red Hat Enterprise Linux 6 (thunderbird) RHSA-2011:1342 2011-09-28
Red Hat Enterprise Linux 4 (firefox) RHSA-2011:1341 2011-09-28
Red Hat Enterprise Linux 4 (thunderbird) RHSA-2011:1343 2011-09-28
Red Hat Enterprise Linux 4 (seamonkey) RHSA-2011:1344 2011-09-28

CWE

CWE-79

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 6 xulrunner 1.9.2.23-1.el6_1.1 Fixed
Red Hat Enterprise Linux version 5 xulrunner 1.9.2.23-1.el5_7 Fixed
Red Hat Enterprise Linux Server EUS (v. 6.1) thunderbird Affected
Red Hat Enterprise Linux Server EUS (v. 6.1) firefox Affected