Details of VAR-201112-0037

ID

VAR-201112-0037

CVE

CVE-2011-3666

TITLE

Mac OS X Run on Mozilla Firefox and Thunderbird Vulnerable to access restrictions

Trust: 0.8

sources: JVNDB: JVNDB-2011-003503

DESCRIPTION

Mozilla Firefox before 3.6.25 and Thunderbird before 3.1.17 on Mac OS X do not consider .jar files to be executable files, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted file. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-2372 on Mac OS X. Mozilla Firefox and Thunderbird are prone to a remote code-execution vulnerability. An attacker could exploit this issue to execute arbitrary code in the context of the user running an affected application. Failed attempts could lead to a denial-of-service condition. Firefox is a very popular open source web browser. Thunderbird is an email client that supports IMAP, POP email protocols, and HTML email formats

Trust: 1.98

sources: NVD: CVE-2011-3666 // JVNDB: JVNDB-2011-003503 // BID: 51139 // VULHUB: VHN-51611

AFFECTED PRODUCTS

vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.16	Trust: 1.6
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.7	Trust: 1.6
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.3	Trust: 1.6
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.5	Trust: 1.6
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.21	Trust: 1.6
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.14	Trust: 1.6
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.4	Trust: 1.6
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.20	Trust: 1.6
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.8	Trust: 1.6
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.15	Trust: 1.6
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.14	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.14	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.17	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.9	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.10	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.8	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.12	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.18	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.15	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.13	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.15	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.11	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.11	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.9	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.21	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.10	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.12	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.4	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.2	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.6	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.4	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.23	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.1	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.22	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.16	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.7	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.3	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.19	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.2	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.8	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.6	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.7	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.3	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.20	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.5	Trust: 1.3
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.1.13	Trust: 1.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.1	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.0.8	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.18	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.11	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.0	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.0.8	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.5	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.11	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.8	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.6	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	0.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.9	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.13	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.11	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.6.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.20	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.9	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.4	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.0.3	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.0.12	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.12	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.0.10	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.9.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.11	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.17	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.0.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.4	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.14	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.3	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.14	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.9.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.14	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.16	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	0.7	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.10	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.0.10	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.0.9	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	0.7.3	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.5	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.17	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.4.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.6	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.8	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.15	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.10.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.12	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.5	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.0.1	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.0	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.0.7	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.6	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.0.5	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.13	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.6	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.4	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.0.7	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.15	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.0	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.5	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.6	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.10	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	0.7.2	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.0.6	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	lte	version:	3.1.16	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.4	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.3	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.8	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.0.7	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.5	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.8	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.16	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.0.4	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.0.8	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.0.11	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.8	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.10	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.0.9	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	0.7.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.0.6	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.0.3	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.1	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	0.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.2	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.22	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.11	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.7	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.9	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.12	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.0.4	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.10	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.0.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.7	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.19	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.1	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.18	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.17	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.23	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	0.5	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.7.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.5	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	0.9	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.12	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.4	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.7	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.3	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.12	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.14	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.0.11	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.9	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.0.6	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.7.3	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.0.5	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.13	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.10	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.9	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.0.5	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.6	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	0.8	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.0.6	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	2.0.0.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.13	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.0.8	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.7	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.7	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.0.1	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.0.5	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.9.3	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.3	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.0.4	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.0.7	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.8	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.13	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	lte	version:	3.6.24	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.8	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	0.4	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	0.6	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.15	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.5.0.7	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.9	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.6	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.7.1	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.0	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.3	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.1	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	0.1	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	3.0.4	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.4	Trust: 1.0
vendor:	mozilla	model:	thunderbird	scope:	eq	version:	0.3	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.0.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.5.2	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	1.5.3	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	eq	version:	2.0.0.19	Trust: 1.0
vendor:	mozilla	model:	firefox	scope:	lt	version:	3.6.25	Trust: 0.8
vendor:	mozilla	model:	thunderbird	scope:	lt	version:	3.1.17	Trust: 0.8
vendor:	mozilla	model:	firefox	scope:	ne	version:	3.6.25	Trust: 0.3
vendor:	mozilla	model:	thunderbird	scope:	ne	version:	3.1.17	Trust: 0.3
vendor:	mozilla	model:	firefox	scope:	eq	version:	3.6.24	Trust: 0.3

sources: BID: 51139 // JVNDB: JVNDB-2011-003503 // CNNVD: CNNVD-201112-390 // NVD: CVE-2011-3666

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-3666
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2011-3666
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201112-390
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-51611
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2011-3666
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-51611
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-51611 // JVNDB: JVNDB-2011-003503 // CNNVD: CNNVD-201112-390 // NVD: CVE-2011-3666

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-51611 // JVNDB: JVNDB-2011-003503 // NVD: CVE-2011-3666

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201112-390

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201112-390

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-003503

PATCH

title:	MFSA2011-59	url:	http://www.mozilla.org/security/announce/2011/mfsa2011-59.html	Trust: 0.8
title:	MFSA2011-59	url:	http://www.mozilla-japan.org/security/announce/2011/mfsa2011-59.html	Trust: 0.8
title:	Thunderbird 3.1.17	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42230	Trust: 0.6
title:	Firefox 3.6.25	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42229	Trust: 0.6

sources: JVNDB: JVNDB-2011-003503 // CNNVD: CNNVD-201112-390

EXTERNAL IDS

db:	NVD	id:	CVE-2011-3666	Trust: 2.8
db:	SECTRACK	id:	1026445	Trust: 1.1
db:	SECTRACK	id:	1026447	Trust: 1.1
db:	BID	id:	51139	Trust: 1.0
db:	JVNDB	id:	JVNDB-2011-003503	Trust: 0.8
db:	CNNVD	id:	CNNVD-201112-390	Trust: 0.7
db:	NSFOCUS	id:	18366	Trust: 0.6
db:	VULHUB	id:	VHN-51611	Trust: 0.1

sources: VULHUB: VHN-51611 // BID: 51139 // JVNDB: JVNDB-2011-003503 // CNNVD: CNNVD-201112-390 // NVD: CVE-2011-3666

REFERENCES

url:	http://www.mozilla.org/security/announce/2011/mfsa2011-59.html	Trust: 2.0
url:	https://bugzilla.mozilla.org/show_bug.cgi?id=704622	Trust: 1.7
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14831	Trust: 1.1
url:	http://www.securitytracker.com/id?1026445	Trust: 1.1
url:	http://www.securitytracker.com/id?1026447	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3666	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3666	Trust: 0.8
url:	http://www.securityfocus.com/bid/51139	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/18366	Trust: 0.6
url:	http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-0676	Trust: 0.3

sources: VULHUB: VHN-51611 // BID: 51139 // JVNDB: JVNDB-2011-003503 // CNNVD: CNNVD-201112-390 // NVD: CVE-2011-3666

CREDITS

Mariusz Mlynsky

Trust: 0.6

sources: CNNVD: CNNVD-201112-390

SOURCES

db:	VULHUB	id:	VHN-51611
db:	BID	id:	51139
db:	JVNDB	id:	JVNDB-2011-003503
db:	CNNVD	id:	CNNVD-201112-390
db:	NVD	id:	CVE-2011-3666

LAST UPDATE DATE

2024-08-14T12:09:01.917000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-51611	date:	2017-09-19T00:00:00
db:	BID	id:	51139	date:	2015-04-13T22:01:00
db:	JVNDB	id:	JVNDB-2011-003503	date:	2011-12-22T00:00:00
db:	CNNVD	id:	CNNVD-201112-390	date:	2011-12-22T00:00:00
db:	NVD	id:	CVE-2011-3666	date:	2017-09-19T01:34:02.337

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-51611	date:	2011-12-21T00:00:00
db:	BID	id:	51139	date:	2011-12-20T00:00:00
db:	JVNDB	id:	JVNDB-2011-003503	date:	2011-12-22T00:00:00
db:	CNNVD	id:	CNNVD-201112-390	date:	1900-01-01T00:00:00
db:	NVD	id:	CVE-2011-3666	date:	2011-12-21T04:02:01.177