Vulnerability Details : CVE-2011-3658
Public exploit exists!
The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.
Vulnerability category: Denial of service
Products affected by CVE-2011-3658
- cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-3658
93.93%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2011-3658
-
Firefox nsSVGValue Out-of-Bounds Access Vulnerability
Disclosure Date: 2011-12-06First seen: 2020-04-26exploit/windows/browser/mozilla_nssvgvalueThis module exploits an out-of-bounds access flaw in Firefox 7 and 8 (<= 8.0.1). The notification of nsSVGValue observers via nsSVGValue::NotifyObservers(x,y) uses a loop which can result in an out-of-bounds access to attacker-controlled memory. The mObserver Element
CVSS scores for CVE-2011-3658
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2011-3658
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-3658
-
https://bugzilla.mozilla.org/show_bug.cgi?id=708186
708186 - (CVE-2011-3658) [8.0.1] nsSVGValue Out-of-Bounds Access (ZDI-CAN-1414)
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/71910
Mozilla Firefox, Thunderbird, and SeaMonkey DOMAttrModified code execution CVE-2011-3658 Vulnerability Report
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14664
Repository / Oval Repository
-
http://www.mozilla.org/security/announce/2011/mfsa2011-55.html
nsSVGValue out-of-bounds access — MozillaVendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00009.html
[security-announce] openSUSE-SU-2012:0039-1: important: seamonkey
-
http://www.securitytracker.com/id?1026446
Mozilla Seamonkey Multiple Flaws Permit Remote Code Execution and Keystroke Detection - SecurityTracker
-
http://www.securitytracker.com/id?1026445
Mozilla Firefox Multiple Flaws Permit Remote Code Execution and Keystroke Detection - SecurityTracker
-
http://www.mandriva.com/security/advisories?name=MDVSA-2012:031
mandriva.com
-
http://www.securitytracker.com/id?1026447
Mozilla Thunderbird Multiple Flaws Permit Remote Code Execution and Keystroke Detection - SecurityTracker
-
http://www.ubuntu.com/usn/USN-1401-1
USN-1401-1: Xulrunner vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html
openSUSE-SU-2012:0417-1: moderate: update for MozillaFirefox, MozillaThu
-
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00001.html
[security-announce] openSUSE-SU-2012:0007-1: important: seamonkey
-
http://www.mandriva.com/security/advisories?name=MDVSA-2011:192
mandriva.com
Jump to