Security Measurement
Days of Risk Report (automatically generated)
This is a sample report run from the public available data sets. Other example reports are also available, or alternatively run your own with the programs provided.
Product: Red Hat Enterprise Linux 6 (all packages)
CPE: cpe:/o:redhat:enterprise_linux:6
Starting date: 20101110
Ending date: 20120524
For Severity: Critical
96 issues with half of all issues (median) fixed within 0 days. Average of 0.3 days.
| CVE | RHSA | Description | Severity | Public | Fixed | Days |
|---|---|---|---|---|---|---|
| CVE-2012-1823 | RHSA-2012:0546 | sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. | C | 20120503 | 20120507 | 4 |
| CVE-2011-3062 | RHSA-2012:0515 RHSA-2012:0516 | Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file. | C | 20120424 | 20120424 | 0 |
| CVE-2012-0467 | RHSA-2012:0515 RHSA-2012:0516 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20120424 | 20120424 | 0 |
| CVE-2012-0468 | RHSA-2012:0515 RHSA-2012:0516 | The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function. | C | 20120424 | 20120424 | 0 |
| CVE-2012-0469 | RHSA-2012:0515 RHSA-2012:0516 | Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data. | C | 20120424 | 20120424 | 0 |
| CVE-2012-0470 | RHSA-2012:0515 RHSA-2012:0516 | Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of "different number systems." | C | 20120424 | 20120424 | 0 |
| CVE-2012-0472 | RHSA-2012:0515 RHSA-2012:0516 | The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | C | 20120424 | 20120424 | 0 |
| CVE-2012-0478 | RHSA-2012:0515 RHSA-2012:0516 | The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page. | C | 20120424 | 20120424 | 0 |
| CVE-2012-1182 | RHSA-2012:0465 | The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call. | C | 20120410 | 20120410 | 0 |
| CVE-2012-0456 | RHSA-2012:0387 RHSA-2012:0388 | The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read. | C | 20120313 | 20120314 | 1 |
| CVE-2012-0457 | RHSA-2012:0387 RHSA-2012:0388 | Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to execute arbitrary code via an SVG animation. | C | 20120313 | 20120314 | 1 |
| CVE-2012-0458 | RHSA-2012:0387 RHSA-2012:0388 | Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through the dragging of a URL to the home button, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a javascript: URL that is later interpreted in the about:sessionrestore context. | C | 20120313 | 20120314 | 1 |
| CVE-2012-0459 | RHSA-2012:0387 RHSA-2012:0388 | The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe. | C | 20120313 | 20120314 | 1 |
| CVE-2012-0461 | RHSA-2012:0387 RHSA-2012:0388 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20120313 | 20120314 | 1 |
| CVE-2012-0462 | RHSA-2012:0387 RHSA-2012:0388 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20120313 | 20120314 | 1 |
| CVE-2012-0464 | RHSA-2012:0387 RHSA-2012:0388 | Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code via vectors involving an empty argument to the array.join function in conjunction with the triggering of garbage collection. | C | 20120313 | 20120314 | 1 |
| CVE-2011-3026 | RHSA-2012:0140 RHSA-2012:0143 RHSA-2012:0317 | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | C | 20120216 | 20120216 | 0 |
| CVE-2011-3571 | RHSA-2012:0135 | Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) component in Oracle Virtualization 3.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Session. | C | 20120214 | 20120214 | 0 |
| CVE-2012-0497 | RHSA-2012:0135 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | C | 20120214 | 20120214 | 0 |
| CVE-2012-0503 | RHSA-2012:0135 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to I18n. | C | 20120214 | 20120214 | 0 |
| CVE-2012-0505 | RHSA-2012:0135 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization. | C | 20120214 | 20120214 | 0 |
| CVE-2012-0507 | RHSA-2012:0135 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. | C | 20120214 | 20120214 | 0 |
| CVE-2012-0830 | RHSA-2012:0093 | The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885. | C | 20120202 | 20120202 | 0 |
| CVE-2012-0444 | RHSA-2012:0079 RHSA-2012:0136 | Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file. | C | 20120131 | 20120201 | 1 |
| CVE-2011-3659 | RHSA-2012:0079 RHSA-2012:0080 | Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes. | C | 20120131 | 20120131 | 0 |
| CVE-2012-0442 | RHSA-2012:0079 RHSA-2012:0080 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20120131 | 20120131 | 0 |
| CVE-2012-0449 | RHSA-2012:0079 RHSA-2012:0080 | Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document. | C | 20120131 | 20120131 | 0 |
| CVE-2011-4862 | RHSA-2011:1852 | Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, and Heimdal 1.5.1 and earlier allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. | C | 20111225 | 20111227 | 2 |
| CVE-2011-3647 | RHSA-2011:1437 RHSA-2011:1439 | The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior, a related issue to CVE-2011-3004. | C | 20111108 | 20111108 | 0 |
| CVE-2011-3521 | RHSA-2011:1380 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, 7, 6 Update 27 and earlier, and 5.0 Update 31 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deserialization. | C | 20111018 | 20111018 | 0 |
| CVE-2011-3544 | RHSA-2011:1380 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting. | C | 20111018 | 20111018 | 0 |
| CVE-2011-3548 | RHSA-2011:1380 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT. | C | 20111018 | 20111018 | 0 |
| CVE-2011-3551 | RHSA-2011:1380 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | C | 20111018 | 20111018 | 0 |
| CVE-2011-3554 | RHSA-2011:1380 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors. | C | 20111018 | 20111018 | 0 |
| CVE-2011-3556 | RHSA-2011:1380 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI. | C | 20111018 | 20111018 | 0 |
| CVE-2011-2372 | RHSA-2011:1341 RHSA-2011:1342 | Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site. | C | 20110928 | 20110928 | 0 |
| CVE-2011-2995 | RHSA-2011:1341 RHSA-2011:1342 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20110928 | 20110928 | 0 |
| CVE-2011-2998 | RHSA-2011:1341 RHSA-2011:1342 | Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression. | C | 20110928 | 20110928 | 0 |
| CVE-2011-2999 | RHSA-2011:1341 RHSA-2011:1342 | Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170. | C | 20110928 | 20110928 | 0 |
| CVE-2011-3000 | RHSA-2011:1341 RHSA-2011:1342 | Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values. | C | 20110928 | 20110928 | 0 |
| CVE-2011-0084 | RHSA-2011:1164 RHSA-2011:1166 | The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer." | C | 20110816 | 20110816 | 0 |
| CVE-2011-2378 | RHSA-2011:1164 RHSA-2011:1166 | The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling pointer." | C | 20110816 | 20110816 | 0 |
| CVE-2011-2981 | RHSA-2011:1164 | The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site. | C | 20110816 | 20110816 | 0 |
| CVE-2011-2982 | RHSA-2011:1164 RHSA-2011:1166 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20110816 | 20110816 | 0 |
| CVE-2011-2983 | RHSA-2011:1164 | Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free. | C | 20110816 | 20110816 | 0 |
| CVE-2011-0083 | RHSA-2011:0885 RHSA-2011:0886 | Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback. | C | 20110621 | 20110621 | 0 |
| CVE-2011-0085 | RHSA-2011:0885 RHSA-2011:0886 | Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater. | C | 20110621 | 20110621 | 0 |
| CVE-2011-2363 | RHSA-2011:0885 RHSA-2011:0886 | Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback. | C | 20110621 | 20110621 | 0 |
| CVE-2011-2364 | RHSA-2011:0885 RHSA-2011:0886 | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2365. | C | 20110621 | 20110621 | 0 |
| CVE-2011-2365 | RHSA-2011:0885 RHSA-2011:0886 | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364. | C | 20110621 | 20110621 | 0 |
| CVE-2011-2371 | RHSA-2011:0885 | Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object. | C | 20110621 | 20110621 | 0 |
| CVE-2011-2373 | RHSA-2011:0885 | Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document. | C | 20110621 | 20110621 | 0 |
| CVE-2011-2374 | RHSA-2011:0885 RHSA-2011:0886 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20110621 | 20110621 | 0 |
| CVE-2011-2375 | RHSA-2011:0885 RHSA-2011:0886 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 5.0 and Thunderbird through 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20110621 | 20110621 | 0 |
| CVE-2011-2376 | RHSA-2011:0885 RHSA-2011:0886 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20110621 | 20110621 | 0 |
| CVE-2011-2377 | RHSA-2011:0885 RHSA-2011:0886 | Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image. | C | 20110622 | 20110621 | 0 |
| CVE-2011-2605 | RHSA-2011:0885 RHSA-2011:0886 | CRLF injection vulnerability in the nsCookieService::SetCookieStringInternal function in netwerk/cookie/nsCookieService.cpp in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allows remote attackers to bypass intended access restrictions via a string containing a \n (newline) character, which is not properly handled in a JavaScript "document.cookie =" expression, a different vulnerability than CVE-2011-2374. | C | 20110621 | 20110621 | 0 |
| CVE-2011-0862 | RHSA-2011:0856 | Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | C | 20110607 | 20110608 | 1 |
| CVE-2011-0871 | RHSA-2011:0856 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. | C | 20110607 | 20110608 | 1 |
| CVE-2011-0065 | RHSA-2011:0471 | Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel. | C | 20110428 | 20110429 | 1 |
| CVE-2011-0066 | RHSA-2011:0471 | Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList. | C | 20110428 | 20110429 | 1 |
| CVE-2011-0069 | RHSA-2011:0471 | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070. | C | 20110428 | 20110429 | 1 |
| CVE-2011-0070 | RHSA-2011:0471 RHSA-2011:0475 | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069. | C | 20110428 | 20110429 | 1 |
| CVE-2011-0072 | RHSA-2011:0471 | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. | C | 20110428 | 20110429 | 1 |
| CVE-2011-0073 | RHSA-2011:0471 RHSA-2011:0475 | Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer." | C | 20110428 | 20110429 | 1 |
| CVE-2011-0074 | RHSA-2011:0471 RHSA-2011:0475 | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. | C | 20110428 | 20110429 | 1 |
| CVE-2011-0077 | RHSA-2011:0471 RHSA-2011:0475 | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0078. | C | 20110428 | 20110429 | 1 |
| CVE-2011-0080 | RHSA-2011:0471 RHSA-2011:0475 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20110428 | 20110429 | 1 |
| CVE-2011-0081 | RHSA-2011:0471 RHSA-2011:0475 | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20110428 | 20110429 | 1 |
| CVE-2010-1585 | RHSA-2011:0310 RHSA-2011:0311 | The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element. | C | 20110301 | 20110302 | 1 |
| CVE-2011-0051 | RHSA-2011:0310 | Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges. | C | 20110301 | 20110302 | 1 |
| CVE-2011-0053 | RHSA-2011:0310 RHSA-2011:0311 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20110301 | 20110302 | 1 |
| CVE-2011-0054 | RHSA-2011:0310 | Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving non-local JavaScript variables, aka an "upvarMap" issue. | C | 20110301 | 20110302 | 1 |
| CVE-2011-0055 | RHSA-2011:0310 | Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the js_HasOwnProperty function and garbage collection. | C | 20110301 | 20110302 | 1 |
| CVE-2011-0056 | RHSA-2011:0310 | Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving exception timing and a large number of string values, aka an "atom map" issue. | C | 20110301 | 20110302 | 1 |
| CVE-2011-0057 | RHSA-2011:0310 | Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection. | C | 20110301 | 20110302 | 1 |
| CVE-2011-0058 | RHSA-2011:0310 | Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long string that triggers construction of a long text run. | C | 20110301 | 20110302 | 1 |
| CVE-2011-0061 | RHSA-2011:0310 RHSA-2011:0311 | Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. | C | 20110301 | 20110302 | 1 |
| CVE-2011-0062 | RHSA-2011:0310 RHSA-2011:0311 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20110301 | 20110302 | 1 |
| CVE-2011-0064 | RHSA-2011:0309 | The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index. | C | 20110301 | 20110301 | 0 |
| CVE-2010-3766 | RHSA-2010:0966 | Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node. | C | 20101209 | 20101209 | 0 |
| CVE-2010-3767 | RHSA-2010:0966 | Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements. | C | 20101209 | 20101209 | 0 |
| CVE-2010-3768 | RHSA-2010:0966 RHSA-2010:0969 | Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules. | C | 20101209 | 20101209 | 0 |
| CVE-2010-3771 | RHSA-2010:0966 | Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI. | C | 20101209 | 20101209 | 0 |
| CVE-2010-3772 | RHSA-2010:0966 | Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element. | C | 20101209 | 20101209 | 0 |
| CVE-2010-3773 | RHSA-2010:0966 | Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0179. | C | 20101209 | 20101209 | 0 |
| CVE-2010-3775 | RHSA-2010:0966 | Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote attackers to start processes, read arbitrary local files, and establish network connections via vectors involving a refresh value in the http-equiv attribute of a META element, which causes the wrong security principal to be used. | C | 20101209 | 20101209 | 0 |
| CVE-2010-3776 | RHSA-2010:0966 RHSA-2010:0969 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20101209 | 20101209 | 0 |
| CVE-2010-3777 | RHSA-2010:0966 RHSA-2010:0969 | Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20101209 | 20101209 | 0 |
| CVE-2010-3069 | RHSA-2010:0860 | Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share. | C | 20101110 | 20101110 | 0 |
| CVE-2010-3175 | RHSA-2010:0861 RHSA-2010:0896 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20101110 | 20101110 | 0 |
| CVE-2010-3176 | RHSA-2010:0861 RHSA-2010:0896 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | C | 20101110 | 20101110 | 0 |
| CVE-2010-3179 | RHSA-2010:0861 RHSA-2010:0896 | Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method. | C | 20101110 | 20101110 | 0 |
| CVE-2010-3180 | RHSA-2010:0861 RHSA-2010:0896 | Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window. | C | 20101110 | 20101110 | 0 |
| CVE-2010-3183 | RHSA-2010:0861 RHSA-2010:0896 | The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function. | C | 20101110 | 20101110 | 0 |
| CVE-2010-3765 | RHSA-2010:0861 RHSA-2010:0896 | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. | C | 20101110 | 20101110 | 0 |
Notes:
- This report is for illustrative purposes only and has been generated automatically. You are advised to check the report and data for accuracy if you are relying on it's contents
- The date an issue was first known to the public is based on data collected by Red Hat, Steven Christey, and third party researchers. The date an issue was fixed is parsed from data supplied by Red Hat Network with additional data from the archives of Red Hat mailing lists. The raw data is available
- The description (where supplied) is taken verbatim from the CVE dictionary.
- Dates are based on UTC timezone where possible. The actual time of day an advisory is released and issue is public is not taken into account, therefore some issues that say "1 day" are actually less than 24 hours. "0 day" means 'on the same date'.
