CVE-2011-3654

Common Vulnerabilities and Exposures

Upstream information

CVE-2011-3654 at MITRE

Description

The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

NVD CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Novell/SUSE information

No Novell Bugzilla entries cross referenced.

SUSE Security Advisories:

openSUSE-SU-2011:1243-1, published Tue, 15 Nov 2011 15:08:39 +0100 (CET)
openSUSE-SU-2012:0567-1, published Fri, 27 Apr 2012 15:08:15 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE 11.4 DEBUGINFO	`MozillaFirefox-debuginfo >= 8.0-0.2.2` `MozillaFirefox-debugsource >= 8.0-0.2.2` `MozillaThunderbird-debuginfo >= 3.1.16-0.19.2` `MozillaThunderbird-debugsource >= 3.1.16-0.19.2` `MozillaThunderbird-devel-debuginfo >= 3.1.16-0.19.2` `enigmail-debuginfo >= 1.1.2+3.1.16-0.19.2` `mozilla-js192-debuginfo >= 1.9.2.24-0.2.2` `mozilla-js192-debuginfo-32bit >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-debuginfo >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-debuginfo-32bit >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-debugsource >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-devel-debuginfo >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-gnome-debuginfo >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-gnome-debuginfo-32bit >= 1.9.2.24-0.2.2`
openSUSE 11.4	`MozillaFirefox >= 8.0-0.2.2` `MozillaFirefox-branding-openSUSE >= 5.0-2.5.1` `MozillaFirefox-branding-upstream >= 8.0-0.2.2` `MozillaFirefox-buildsymbols >= 8.0-0.2.2` `MozillaFirefox-devel >= 8.0-0.2.2` `MozillaFirefox-translations-common >= 8.0-0.2.2` `MozillaFirefox-translations-other >= 8.0-0.2.2` `MozillaThunderbird >= 3.1.16-0.19.2` `MozillaThunderbird-buildsymbols >= 3.1.16-0.19.2` `MozillaThunderbird-devel >= 3.1.16-0.19.2` `MozillaThunderbird-translations-common >= 3.1.16-0.19.2` `MozillaThunderbird-translations-other >= 3.1.16-0.19.2` `enigmail >= 1.1.2+3.1.16-0.19.2` `mozilla-js192 >= 1.9.2.24-0.2.2` `mozilla-js192-32bit >= 1.9.2.24-0.2.2` `mozilla-xulrunner192 >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-32bit >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-buildsymbols >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-devel >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-gnome >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-gnome-32bit >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-translations-common >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-translations-common-32bit >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-translations-other >= 1.9.2.24-0.2.2` `mozilla-xulrunner192-translations-other-32bit >= 1.9.2.24-0.2.2`
openSUSE 11.3 openSUSE 11.4	`seamonkey >= 2.5-0.2.1` `seamonkey-dom-inspector >= 2.5-0.2.1` `seamonkey-irc >= 2.5-0.2.1` `seamonkey-translations-common >= 2.5-0.2.1` `seamonkey-translations-other >= 2.5-0.2.1` `seamonkey-venkman >= 2.5-0.2.1`
openSUSE 11.3 openSUSE 11.4 DEBUGINFO	`seamonkey-debuginfo >= 2.5-0.2.1` `seamonkey-debugsource >= 2.5-0.2.1`

Products

Products By Category

Collaboration

Endpoint Management

File & Networking Services

Services & Support

Help Yourself

Let Us Help

Download

IT Consulting

Technical Training

Customer Center

Contribute

Partners

Partner With Novell

PartnerNet

Find a Partner

Developers

Communities

About Novell

How to Buy