CVE-2011-3658 in Firefoxinfo

Summary

The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

09/23/2011

Disclosure

12/20/2011

Moderation

VulDB entry created

Entries

VDB-4495 (1)

CPE

ready

CWE

CWE-399 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.75876

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-3658
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-3658
CVE Details	https://www.cvedetails.com/cve/CVE-2011-3658/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!