Novell Home

CVE-2011-2991

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2011-2991 at MITRE

Description

The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

NVD CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 712224

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.3
openSUSE 11.4 DEBUGINFO
  • seamonkey-debuginfo >= 2.3-2.2.1
  • seamonkey-debugsource >= 2.3-2.2.1
openSUSE 11.3
openSUSE 11.4
  • seamonkey >= 2.3-2.2.1
  • seamonkey-dom-inspector >= 2.3-2.2.1
  • seamonkey-irc >= 2.3-2.2.1
  • seamonkey-translations-common >= 2.3-2.2.1
  • seamonkey-translations-other >= 2.3-2.2.1
  • seamonkey-venkman >= 2.3-2.2.1
openSUSE 11.4 DEBUGINFO
  • MozillaFirefox-debuginfo >= 6.0-2.2.1
  • MozillaFirefox-debugsource >= 6.0-2.2.1
openSUSE 11.4
  • MozillaFirefox >= 6.0-2.2.1
  • MozillaFirefox-branding-upstream >= 6.0-2.2.1
  • MozillaFirefox-buildsymbols >= 6.0-2.2.1
  • MozillaFirefox-devel >= 6.0-2.2.1
  • MozillaFirefox-translations-common >= 6.0-2.2.1
  • MozillaFirefox-translations-other >= 6.0-2.2.1

© 2014 Novell