← voltar
CVE-2011-2983

CVE-2011-2983

EPSS 1.6%
Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-08/msg00027.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=626297https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14272http://www.debian.org/security/2011/dsa-2295http://www.debian.org/security/2011/dsa-2296http://www.debian.org/security/2011/dsa-2297http://www.mandriva.com/security/advisories?name=MDVSA-2011:127http://www.mozilla.org/security/announce/2011/mfsa2011-30.htmlhttp://www.redhat.com/support/errata/RHSA-2011-1164.htmlhttp://www.redhat.com/support/errata/RHSA-2011-1165.htmlhttp://www.redhat.com/support/errata/RHSA-2011-1167.html