CVE-2011-2993 in Firefoxthông tin

Tóm tắt

Bởi MITRE

The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Đặt trước

01/08/2011

Tiết lộ

18/08/2011

Kiểm duyệt

được chấp nhận

mục

VDB-58320

CPE

sẵn sàng

CWE

CWE-264 (Đã xác nhận)

CVSS

9.3 (NVD)

EPSS

0.01251

KEV

không

Các hoạt động

rất thấp

ngành

Education, Insurance, ...

Nguồn

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-2993
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-2993
CVE Details	https://www.cvedetails.com/cve/CVE-2011-2993/

◂ Trước Tổng Quan Tiếp theo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!