← back
CVE-2011-2983

CVE-2011-2983

EPSS 1.6%
Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-08/msg00027.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=626297https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14272http://www.debian.org/security/2011/dsa-2295http://www.debian.org/security/2011/dsa-2296http://www.debian.org/security/2011/dsa-2297http://www.mandriva.com/security/advisories?name=MDVSA-2011:127http://www.mozilla.org/security/announce/2011/mfsa2011-30.htmlhttp://www.redhat.com/support/errata/RHSA-2011-1164.htmlhttp://www.redhat.com/support/errata/RHSA-2011-1165.htmlhttp://www.redhat.com/support/errata/RHSA-2011-1167.html