Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2011-0057 | First vendor Publication | 2011-03-02 |
| Vendor | Cve | Last vendor Modification | 2017-09-19 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0057 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:14200 | |||
| Oval ID: | oval:org.mitre.oval:def:14200 | ||
| Title: | Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection. | ||
| Description: | Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0057 | Version: | 16 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Seamonkey Mozilla Firefox |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-05-12 | Name : Debian Security Advisory DSA 2186-1 (iceweasel) File : nvt/deb_2186_1.nasl |
| 2011-05-12 | Name : Debian Security Advisory DSA 2187-1 (icedove) File : nvt/deb_2187_1.nasl |
| 2011-05-10 | Name : Ubuntu Update for xulrunner-1.9.1 USN-1123-1 File : nvt/gb_ubuntu_USN_1123_1.nasl |
| 2011-03-15 | Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-1049-2 File : nvt/gb_ubuntu_USN_1049_2.nasl |
| 2011-03-10 | Name : Mozilla Products Multiple Vulnerabilities March-11 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln_win_mar11.nasl |
| 2011-03-09 | Name : Debian Security Advisory DSA 2180-1 (iceape) File : nvt/deb_2180_1.nasl |
| 2011-03-09 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox54.nasl |
| 2011-03-08 | Name : Mandriva Update for firefox MDVSA-2011:041 (firefox) File : nvt/gb_mandriva_MDVSA_2011_041.nasl |
| 2011-03-07 | Name : CentOS Update for firefox CESA-2011:0310 centos4 i386 File : nvt/gb_CESA-2011_0310_firefox_centos4_i386.nasl |
| 2011-03-07 | Name : RedHat Update for firefox RHSA-2011:0310-01 File : nvt/gb_RHSA-2011_0310-01_firefox.nasl |
| 2011-03-07 | Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-1049-1 File : nvt/gb_ubuntu_USN_1049_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 72460 | Mozilla Multiple Products Web Workers Garbage Collection Use-after-free Remot... Mozilla Firefox and SeaMonkey contain a flaw related to the Web Workers implementation. The issue is triggered when a context-dependent attacker calls a deleted reference which is freed during garbage collection. This may allow an attacker to execute arbitrary code. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_seamonkey-110307.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_mozilla-js192-110307.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_MozillaThunderbird-110314.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_seamonkey-110302.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_mozilla-xulrunner191-110302.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaThunderbird-110302.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaFirefox-110307.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0310.nasl - Type : ACT_GATHER_INFO |
| 2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110301_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-7421.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1123-1.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_mozilla-xulrunner191-110302.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_seamonkey-110302.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaThunderbird-110302.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaFirefox-110308.nasl - Type : ACT_GATHER_INFO |
| 2011-03-14 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-110307.nasl - Type : ACT_GATHER_INFO |
| 2011-03-14 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner191-110303.nasl - Type : ACT_GATHER_INFO |
| 2011-03-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-xulrunner191-7363.nasl - Type : ACT_GATHER_INFO |
| 2011-03-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2186.nasl - Type : ACT_GATHER_INFO |
| 2011-03-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2187.nasl - Type : ACT_GATHER_INFO |
| 2011-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1049-2.nasl - Type : ACT_GATHER_INFO |
| 2011-03-07 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-041.nasl - Type : ACT_GATHER_INFO |
| 2011-03-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2180.nasl - Type : ACT_GATHER_INFO |
| 2011-03-03 | Name : The remote Windows host contains a web browser affected by multiple vulnerabi... File : mozilla_firefox_3614.nasl - Type : ACT_GATHER_INFO |
| 2011-03-03 | Name : The remote Windows host contains a web browser affected by multiple vulnerabi... File : mozilla_firefox_3517.nasl - Type : ACT_GATHER_INFO |
| 2011-03-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1049-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-03 | Name : The remote Windows host contains a web browser affected by multiple vulnerabi... File : seamonkey_2012.nasl - Type : ACT_GATHER_INFO |
| 2011-03-03 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2011-0310.nasl - Type : ACT_GATHER_INFO |
| 2011-03-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0310.nasl - Type : ACT_GATHER_INFO |
| 2011-03-02 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_45f102cd445611e095804061862b8c22.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-02-10 01:14:00 |
|
| 2024-02-02 01:15:03 |
|
| 2024-02-01 12:04:12 |
|
| 2023-09-05 12:14:04 |
|
| 2023-09-05 01:04:04 |
|
| 2023-09-02 12:14:07 |
|
| 2023-09-02 01:04:07 |
|
| 2023-08-12 12:16:58 |
|
| 2023-08-12 01:04:08 |
|
| 2023-08-11 12:14:12 |
|
| 2023-08-11 01:04:16 |
|
| 2023-08-06 12:13:39 |
|
| 2023-08-06 01:04:09 |
|
| 2023-08-04 12:13:44 |
|
| 2023-08-04 01:04:10 |
|
| 2023-07-14 12:13:41 |
|
| 2023-07-14 01:04:08 |
|
| 2023-03-29 01:15:38 |
|
| 2023-03-28 12:04:14 |
|
| 2022-10-11 12:12:12 |
|
| 2022-10-11 01:03:54 |
|
| 2021-05-04 12:13:45 |
|
| 2021-04-22 01:14:54 |
|
| 2020-10-14 01:06:06 |
|
| 2020-10-03 01:06:06 |
|
| 2020-05-29 01:05:36 |
|
| 2020-05-23 01:43:36 |
|
| 2020-05-23 00:27:30 |
|
| 2017-11-22 12:03:44 |
|
| 2017-11-21 12:02:56 |
|
| 2017-09-19 09:24:07 |
|
| 2017-01-07 09:25:08 |
|
| 2016-06-28 18:29:02 |
|
| 2016-04-26 20:27:11 |
|
| 2014-06-14 13:30:01 |
|
| 2014-02-17 10:59:20 |
|
| 2013-05-10 22:51:58 |
|
