CVE-2011-3659
Published: 1 February 2012
Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.
Priority
Status
Package | Release | Status |
---|---|---|
firefox Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Released
(10.0+build1-0ubuntu0.10.04.2)
|
|
maverick |
Released
(10.0+build1-0ubuntu0.10.10.1)
|
|
natty |
Released
(10.0+build1-0ubuntu0.11.04.1)
|
|
oneiric |
Released
(10.0+build1-0ubuntu0.11.10.1)
|
|
precise |
Not vulnerable
|
|
quantal |
Not vulnerable
|
|
raring |
Not vulnerable
|
|
saucy |
Not vulnerable
|
|
upstream |
Needs triage
|
|
seamonkey Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
upstream |
Needs triage
|
|
thunderbird Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Released
(3.1.18+build2+nobinonly-0ubuntu0.10.04.1)
|
|
maverick |
Released
(3.1.18+build2+nobinonly-0ubuntu0.10.10.1)
|
|
natty |
Released
(3.1.18+build2+nobinonly-0ubuntu0.11.04.1)
|
|
oneiric |
Released
(10.0.2+build1-0ubuntu0.11.10.1)
|
|
precise |
Not vulnerable
|
|
quantal |
Not vulnerable
|
|
raring |
Not vulnerable
|
|
saucy |
Not vulnerable
|
|
upstream |
Needs triage
|
|
xulrunner-1.9.2 Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Released
(1.9.2.26+build2+nobinonly-0ubuntu0.10.04.1)
|
|
maverick |
Released
(1.9.2.26+build2+nobinonly-0ubuntu0.10.10.1)
|
|
natty |
Released
(1.9.2.27+build1+nobinonly-0ubuntu0.11.04.1)
|
|
oneiric |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
upstream |
Needs triage
|
|
xulrunner-2.0 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
upstream |
Needs triage
|
References
- http://www.mozilla.org/security/announce/2012/mfsa2012-04.html
- https://ubuntu.com/security/notices/USN-1355-1
- https://ubuntu.com/security/notices/USN-1350-1
- https://ubuntu.com/security/notices/USN-1353-1
- https://ubuntu.com/security/notices/USN-1369-1
- https://www.cve.org/CVERecord?id=CVE-2011-3659
- NVD
- Launchpad
- Debian