Vulnerability Name:

CVE-2011-2984 (CCN-69233)

Assigned:2011-08-16
Published:2011-08-16
Updated:2017-09-19
Summary:Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
5.1 Medium (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-94
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2011-2984

Source: SUSE
Type: UNKNOWN
SUSE-SA:2011:037

Source: SUSE
Type: UNKNOWN
SUSE-SU-2011:0967

Source: CCN
Type: RHSA-2011-1164
Critical: firefox security update

Source: CCN
Type: SA45666
Mozilla Firefox / Thunderbird Multiple Vulnerabilities

Source: CCN
Type: SA45688
Debian icedove Multiple Vulnerabilities

Source: CCN
Type: SA45718
Debian update for icedove

Source: DEBIAN
Type: UNKNOWN
DSA-2295

Source: DEBIAN
Type: UNKNOWN
DSA-2296

Source: DEBIAN
Type: UNKNOWN
DSA-2297

Source: DEBIAN
Type: DSA-2295
iceape -- several vulnerabilities

Source: DEBIAN
Type: DSA-2296
iceweasel -- several vulnerabilities

Source: DEBIAN
Type: DSA-2297
icedove -- several vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:127

Source: CCN
Type: MFSA 2011-30
Security issues addressed in Firefox 3.6.20

Source: CONFIRM
Type: Vendor Advisory
http://www.mozilla.org/security/announce/2011/mfsa2011-30.html

Source: CCN
Type: MFSA 2011-32
Security issues addressed in Thunderbird 3.1.12

Source: CCN
Type: OSVDB ID: 74587
Mozilla Multiple Products Tab Element Dropping Weakness Remote Code Execution

Source: REDHAT
Type: Vendor Advisory
RHSA-2011:1164

Source: CCN
Type: BID-49219
Mozilla Firefox and Thunderbird CVE-2011-2984 Tab Element Privilege Escalation Vulnerability

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=572129

Source: XF
Type: UNKNOWN
firefox-tab-element-privilege-escalation(69233)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:14358

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.15:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.16:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.17:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.18:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.19:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.15:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.16:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.17:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.18:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version <= 3.6.19)

  • Configuration 2:
  • cpe:/a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.2:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.2:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.2:beta3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.3:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.3:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.3:beta3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.4:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.4:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.4:beta3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.5:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.5:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.5:beta3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.5:beta4:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.6:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.6:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.6:beta3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.6:beta4:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.7:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.7:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.7:beta3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.7:beta4:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.7:beta5:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.8:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.8:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.8:beta3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.8:beta4:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.8:beta5:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.8:beta6:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.9:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.9:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.9:beta3:*:*:*:*:*:*

  • Configuration 3:
  • cpe:/a:mozilla:thunderbird:3.0:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.11:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

  • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • Configuration RedHat 10:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

  • Configuration RedHat 11:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:mozilla:firefox:3.6:a1_pre:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6:a1:-:linux:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.15:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.16:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.17:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:3.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.18:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.6.19:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_eus:6.1.z:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20112984
    V
    CVE-2011-2984
    2022-05-20
    oval:org.mitre.oval:def:14358
    V
    Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events.
    2014-10-06
    oval:org.mitre.oval:def:15385
    P
    USN-1185-1 -- Thunderbird vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:15242
    P
    USN-1184-1 -- Firefox and Xulrunner vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:14961
    P
    DSA-2295-1 iceape -- several
    2014-06-23
    oval:org.mitre.oval:def:15093
    P
    DSA-2297-1 icedove -- several
    2014-06-23
    oval:org.mitre.oval:def:14861
    P
    DSA-2296-1 iceweasel -- several
    2014-06-23
    oval:org.mitre.oval:def:23686
    P
    ELSA-2011:1164: firefox security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:21884
    P
    RHSA-2011:1164: firefox security update (Critical)
    2014-02-24
    oval:com.ubuntu.precise:def:20112984000
    V
    CVE-2011-2984 on Ubuntu 12.04 LTS (precise) - low.
    2011-08-18
    oval:com.redhat.rhsa:def:20111164
    P
    RHSA-2011:1164: firefox security update (Critical)
    2011-08-16
    BACK
    mozilla firefox 1.0
    mozilla firefox 1.0 preview_release
    mozilla firefox 1.0.1
    mozilla firefox 1.0.2
    mozilla firefox 1.0.3
    mozilla firefox 1.0.4
    mozilla firefox 1.0.5
    mozilla firefox 1.0.6
    mozilla firefox 1.0.7
    mozilla firefox 1.0.8
    mozilla firefox 1.5
    mozilla firefox 1.5 beta1
    mozilla firefox 1.5 beta2
    mozilla firefox 1.5.0.1
    mozilla firefox 1.5.0.2
    mozilla firefox 1.5.0.3
    mozilla firefox 1.5.0.4
    mozilla firefox 1.5.0.5
    mozilla firefox 1.5.0.6
    mozilla firefox 1.5.0.7
    mozilla firefox 1.5.0.8
    mozilla firefox 1.5.0.9
    mozilla firefox 1.5.0.10
    mozilla firefox 1.5.0.11
    mozilla firefox 1.5.0.12
    mozilla firefox 1.5.1
    mozilla firefox 1.5.2
    mozilla firefox 1.5.3
    mozilla firefox 1.5.4
    mozilla firefox 1.5.5
    mozilla firefox 1.5.6
    mozilla firefox 1.5.7
    mozilla firefox 1.5.8
    mozilla firefox 2.0
    mozilla firefox 2.0.0.1
    mozilla firefox 2.0.0.2
    mozilla firefox 2.0.0.3
    mozilla firefox 2.0.0.4
    mozilla firefox 2.0.0.5
    mozilla firefox 2.0.0.6
    mozilla firefox 2.0.0.7
    mozilla firefox 2.0.0.8
    mozilla firefox 2.0.0.9
    mozilla firefox 2.0.0.10
    mozilla firefox 2.0.0.11
    mozilla firefox 2.0.0.12
    mozilla firefox 2.0.0.13
    mozilla firefox 2.0.0.14
    mozilla firefox 2.0.0.15
    mozilla firefox 2.0.0.16
    mozilla firefox 2.0.0.17
    mozilla firefox 2.0.0.18
    mozilla firefox 2.0.0.19
    mozilla firefox 2.0.0.20
    mozilla firefox 3.0
    mozilla firefox 3.0.1
    mozilla firefox 3.0.2
    mozilla firefox 3.0.3
    mozilla firefox 3.0.4
    mozilla firefox 3.0.5
    mozilla firefox 3.0.6
    mozilla firefox 3.0.7
    mozilla firefox 3.0.8
    mozilla firefox 3.0.9
    mozilla firefox 3.0.10
    mozilla firefox 3.0.11
    mozilla firefox 3.0.12
    mozilla firefox 3.0.13
    mozilla firefox 3.0.14
    mozilla firefox 3.0.15
    mozilla firefox 3.0.16
    mozilla firefox 3.0.17
    mozilla firefox 3.5
    mozilla firefox 3.5.1
    mozilla firefox 3.5.2
    mozilla firefox 3.5.3
    mozilla firefox 3.5.4
    mozilla firefox 3.5.5
    mozilla firefox 3.5.6
    mozilla firefox 3.5.7
    mozilla firefox 3.5.8
    mozilla firefox 3.5.9
    mozilla firefox 3.5.10
    mozilla firefox 3.5.11
    mozilla firefox 3.5.12
    mozilla firefox 3.5.13
    mozilla firefox 3.5.14
    mozilla firefox 3.5.15
    mozilla firefox 3.5.16
    mozilla firefox 3.5.17
    mozilla firefox 3.5.18
    mozilla firefox 3.5.19
    mozilla firefox 3.6
    mozilla firefox 3.6.2
    mozilla firefox 3.6.3
    mozilla firefox 3.6.4
    mozilla firefox 3.6.6
    mozilla firefox 3.6.7
    mozilla firefox 3.6.8
    mozilla firefox 3.6.9
    mozilla firefox 3.6.10
    mozilla firefox 3.6.11
    mozilla firefox 3.6.12
    mozilla firefox 3.6.13
    mozilla firefox 3.6.14
    mozilla firefox 3.6.15
    mozilla firefox 3.6.16
    mozilla firefox 3.6.17
    mozilla firefox 3.6.18
    mozilla firefox *
    mozilla seamonkey 2.0
    mozilla seamonkey 2.0 alpha_1
    mozilla seamonkey 2.0 alpha_2
    mozilla seamonkey 2.0 alpha_3
    mozilla seamonkey 2.0 beta_1
    mozilla seamonkey 2.0 beta_2
    mozilla seamonkey 2.0 rc1
    mozilla seamonkey 2.0 rc2
    mozilla seamonkey 2.0.1
    mozilla seamonkey 2.0.2
    mozilla seamonkey 2.0.3
    mozilla seamonkey 2.0.4
    mozilla seamonkey 2.0.5
    mozilla seamonkey 2.0.6
    mozilla seamonkey 2.0.7
    mozilla seamonkey 2.0.8
    mozilla seamonkey 2.0.9
    mozilla seamonkey 2.0.10
    mozilla seamonkey 2.0.11
    mozilla seamonkey 2.0.12
    mozilla seamonkey 2.0.13
    mozilla seamonkey 2.0.14
    mozilla seamonkey 2.1
    mozilla seamonkey 2.1 alpha1
    mozilla seamonkey 2.1 alpha2
    mozilla seamonkey 2.1 alpha3
    mozilla seamonkey 2.1 beta1
    mozilla seamonkey 2.1 beta2
    mozilla seamonkey 2.1 beta3
    mozilla seamonkey 2.1 rc1
    mozilla seamonkey 2.1 rc2
    mozilla seamonkey 2.2
    mozilla seamonkey 2.2 beta1
    mozilla seamonkey 2.2 beta2
    mozilla seamonkey 2.2 beta3
    mozilla seamonkey 2.3
    mozilla seamonkey 2.3 beta1
    mozilla seamonkey 2.3 beta2
    mozilla seamonkey 2.3 beta3
    mozilla seamonkey 2.3.1
    mozilla seamonkey 2.3.2
    mozilla seamonkey 2.3.3
    mozilla seamonkey 2.4
    mozilla seamonkey 2.4 beta1
    mozilla seamonkey 2.4 beta2
    mozilla seamonkey 2.4 beta3
    mozilla seamonkey 2.4.1
    mozilla seamonkey 2.5
    mozilla seamonkey 2.5 beta1
    mozilla seamonkey 2.5 beta2
    mozilla seamonkey 2.5 beta3
    mozilla seamonkey 2.5 beta4
    mozilla seamonkey 2.6
    mozilla seamonkey 2.6 beta1
    mozilla seamonkey 2.6 beta2
    mozilla seamonkey 2.6 beta3
    mozilla seamonkey 2.6 beta4
    mozilla seamonkey 2.6.1
    mozilla seamonkey 2.7
    mozilla seamonkey 2.7 beta1
    mozilla seamonkey 2.7 beta2
    mozilla seamonkey 2.7 beta3
    mozilla seamonkey 2.7 beta4
    mozilla seamonkey 2.7 beta5
    mozilla seamonkey 2.7.1
    mozilla seamonkey 2.7.2
    mozilla seamonkey 2.8
    mozilla seamonkey 2.8 beta1
    mozilla seamonkey 2.8 beta2
    mozilla seamonkey 2.8 beta3
    mozilla seamonkey 2.8 beta4
    mozilla seamonkey 2.8 beta5
    mozilla seamonkey 2.8 beta6
    mozilla seamonkey 2.9 beta1
    mozilla seamonkey 2.9 beta2
    mozilla seamonkey 2.9 beta3
    mozilla thunderbird 3.0
    mozilla thunderbird 3.0.1
    mozilla thunderbird 3.0.2
    mozilla thunderbird 3.0.3
    mozilla thunderbird 3.0.4
    mozilla thunderbird 3.0.5
    mozilla thunderbird 3.0.6
    mozilla thunderbird 3.0.7
    mozilla thunderbird 3.0.8
    mozilla thunderbird 3.0.9
    mozilla thunderbird 3.0.10
    mozilla thunderbird 3.0.11
    mozilla thunderbird 3.1
    mozilla thunderbird 3.1.1
    mozilla thunderbird 3.1.2
    mozilla thunderbird 3.1.3
    mozilla thunderbird 3.1.4
    mozilla thunderbird 3.1.5
    mozilla thunderbird 3.1.6
    mozilla thunderbird 3.1.7
    mozilla thunderbird 3.1.8
    mozilla thunderbird 3.1.9
    mozilla thunderbird 3.1.10
    mozilla thunderbird 3.1.11
    mozilla firefox 3.6 a1_pre
    mozilla firefox 3.6 a1
    mozilla firefox 3.6
    mozilla firefox 3.6.1
    mozilla thunderbird 3.1.1
    mozilla thunderbird 3.1.2
    mozilla thunderbird 3.1.3
    mozilla thunderbird 3.1.4
    mozilla firefox 3.6.10
    mozilla firefox 3.6.11
    mozilla firefox 3.6.12
    mozilla thunderbird 3.1.5
    mozilla thunderbird 3.1
    mozilla firefox 3.6.13
    mozilla thunderbird 3.1.6
    mozilla thunderbird 3.1.7
    mozilla firefox 3.6.14
    mozilla firefox 3.6.15
    mozilla firefox 3.6.16
    mozilla thunderbird 3.1.8
    mozilla thunderbird 3.1.9
    mozilla firefox 3.6.17
    mozilla thunderbird 3.1.10
    mozilla thunderbird 3.1.11
    mozilla thunderbird 3.1.12
    mozilla firefox 3.6.18
    mozilla firefox 3.6.19
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux desktop 6
    redhat enterprise linux hpc node 6
    redhat enterprise linux server eus 6.1.z