CVE-2011-2371
CVE-2011-2371
Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 3
exploitdbwww.exploit-db.com/exploits/17974não verificadoexploitdbwww.exploit-db.com/exploits/17976não verificadoexploitdbwww.exploit-db.com/exploits/18531não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=664009http://secunia.com/advisories/45002http://securityreason.com/securityalert/8472https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13987http://support.avaya.com/css/P8/documents/100144854http://support.avaya.com/css/P8/documents/100145333http://www.debian.org/security/2011/dsa-2268http://www.debian.org/security/2011/dsa-2269http://www.debian.org/security/2011/dsa-2273http://www.mandriva.com/security/advisories?name=MDVSA-2011:111http://www.mozilla.org/security/announce/2011/mfsa2011-22.html