CVE-2011-2993 in Firefoxinfo

Zusammenfassung

von MITRE

The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

01.08.2011

Veröffentlichung

18.08.2011

Moderieren

akzeptiert

Eintrag

VDB-58320

CPE

bereit

CWE

CWE-264 (bestätigt)

CVSS

9.3 (NVD)

EPSS

0.01251

KEV

nein

Aktivitäten

very low

Sektor

Transportation, Telecommunication, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-2993
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-2993
CVE Details	https://www.cvedetails.com/cve/CVE-2011-2993/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!