CVE-2011-2993 in Firefox情報

要約

〜によって MITRE

The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

予約する

2011年08月01日

公開

2011年08月18日

モデレーション

承諾済み

エントリ

VDB-58320

CPE

準備完了

CWE

CWE-264 (確認済み)

CVSS

9.3 (NVD)

EPSS

0.01251

KEV

いいえ

アクティビティ

非常低い

セクター

Lawfirm, Pharma, ...

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-2993
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-2993
CVE Details	https://www.cvedetails.com/cve/CVE-2011-2993/

◂ 前概要次 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!