CVE-2011-3658 - OpenCVE

The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Mozilla	Seamonkey Firefox Thunderbird

Configuration 1 [-]

OR	cpe:2.3:a:mozilla:firefox:8.0:::::::*
	cpe:2.3:a:mozilla:seamonkey:2.5:::::::*
	cpe:2.3:a:mozilla:thunderbird:8.0:::::::*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00009.html
http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html
http://osvdb.org/77953
http://secunia.com/advisories/47302
http://secunia.com/advisories/47334
http://secunia.com/advisories/48495
http://secunia.com/advisories/48553
http://secunia.com/advisories/48823
http://secunia.com/advisories/49055
http://www.mandriva.com/security/advisories?name=MDVSA-2011:192
http://www.mandriva.com/security/advisories?name=MDVSA-2012:031
http://www.mozilla.org/security/announce/2011/mfsa2011-55.html	Vendor Advisory
http://www.securitytracker.com/id?1026445
http://www.securitytracker.com/id?1026446
http://www.securitytracker.com/id?1026447
http://www.ubuntu.com/usn/USN-1401-1
https://bugzilla.mozilla.org/show_bug.cgi?id=708186
https://exchange.xforce.ibmcloud.com/vulnerabilities/71910
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14664

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2011-12-21T02:00:00

Updated: 2017-12-28T20:57:01

Reserved: 2011-09-23T00:00:00

Link: CVE-2011-3658

JSON object: View

NVD Information

Status : Modified

Published: 2011-12-21T04:02:00.897

Modified: 2017-12-29T02:29:04.143

Link: CVE-2011-3658

JSON object: View

Redhat Information

No data.

CWE

CWE-399

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-12-20T00:00:00", "descriptions": [{"lang": "en", "value": "The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-28T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "openSUSE-SU-2012:0417", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-55.html"}, {"name": "MDVSA-2012:031", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:031"}, {"name": "MDVSA-2011:192", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:192"}, {"name": "48823", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48823"}, {"name": "USN-1401-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1401-1"}, {"name": "47334", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47334"}, {"name": "1026447", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1026447"}, {"name": "1026446", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1026446"}, {"name": "49055", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/49055"}, {"name": "firefox-domattrmodified-code-exec(71910)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71910"}, {"name": "1026445", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1026445"}, {"name": "77953", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/77953"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=708186"}, {"name": "48495", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48495"}, {"name": "48553", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48553"}, {"name": "47302", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47302"}, {"name": "openSUSE-SU-2012:0039", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00009.html"}, {"name": "oval:org.mitre.oval:def:14664", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14664"}, {"name": "openSUSE-SU-2012:0007", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00001.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-3658", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "openSUSE-SU-2012:0417", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html"}, {"name": "http://www.mozilla.org/security/announce/2011/mfsa2011-55.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-55.html"}, {"name": "MDVSA-2012:031", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:031"}, {"name": "MDVSA-2011:192", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:192"}, {"name": "48823", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48823"}, {"name": "USN-1401-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1401-1"}, {"name": "47334", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47334"}, {"name": "1026447", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1026447"}, {"name": "1026446", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1026446"}, {"name": "49055", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/49055"}, {"name": "firefox-domattrmodified-code-exec(71910)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71910"}, {"name": "1026445", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1026445"}, {"name": "77953", "refsource": "OSVDB", "url": "http://osvdb.org/77953"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=708186", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=708186"}, {"name": "48495", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48495"}, {"name": "48553", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48553"}, {"name": "47302", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47302"}, {"name": "openSUSE-SU-2012:0039", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00009.html"}, {"name": "oval:org.mitre.oval:def:14664", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14664"}, {"name": "openSUSE-SU-2012:0007", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00001.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-3658", "datePublished": "2011-12-21T02:00:00", "dateReserved": "2011-09-23T00:00:00", "dateUpdated": "2017-12-28T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "75B6A811-2B5A-484A-9878-C8E2C3E7633C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "1D02EDB8-717F-487C-81D1-754AA0C07A66", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "0A5BE5DD-4FC8-497A-AED3-3354C09CA71E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements."}, {"lang": "es", "value": "La implementaci\u00f3n de SVG en Mozilla Firefox v8.0, Thunderbird v8.0, y SeaMonkey v2.6, no interactua correctamente con los manejadores de eventos DOMAttrModified, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (acceso fuera de l\u00edmites de memoria) o posiblemente tener otro impacto no especificado a trav\u00e9s de vectores que implican la eliminaci\u00f3n de elementos SVG."}], "id": "CVE-2011-3658", "lastModified": "2017-12-29T02:29:04.143", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-12-21T04:02:00.897", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00001.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00009.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/77953"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/47302"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/47334"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/48495"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/48553"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/48823"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/49055"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:192"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:031"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-55.html"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1026445"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1026446"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1026447"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-1401-1"}, {"source": "cve@mitre.org", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=708186"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71910"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14664"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}