Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2011-3670
Description:Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages.
Test IDs: 1.3.6.1.4.1.25623.1.0.70719   1.3.6.1.4.1.25623.1.0.70668   1.3.6.1.4.1.25623.1.0.70720   1.3.6.1.4.1.25623.1.0.70738   1.3.6.1.4.1.25623.1.0.70670   1.3.6.1.4.1.25623.1.0.802583   1.3.6.1.4.1.25623.1.0.802579   1.3.6.1.4.1.25623.1.0.870538   1.3.6.1.4.1.25623.1.0.881210   1.3.6.1.4.1.25623.1.0.881197   1.3.6.1.4.1.25623.1.0.881145   1.3.6.1.4.1.25623.1.0.870598  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-3670
Debian Security Information: DSA-2400 (Google Search)
http://www.debian.org/security/2012/dsa-2400
Debian Security Information: DSA-2402 (Google Search)
http://www.debian.org/security/2012/dsa-2402
Debian Security Information: DSA-2406 (Google Search)
http://www.debian.org/security/2012/dsa-2406
http://www.mandriva.com/security/advisories?name=MDVSA-2012:013
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14814
SuSE Security Announcement: SUSE-SU-2012:0198 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html
SuSE Security Announcement: SUSE-SU-2012:0221 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html
SuSE Security Announcement: openSUSE-SU-2012:0234 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html




© 1998-2021 E-Soft Inc. All rights reserved.