Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Title:Mozilla Products IPv6 Literal Syntax Cross Domain Information Disclosure Vulnerability (Windows)
Summary:The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone; to information disclosure vulnerability.
The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone
to information disclosure vulnerability.

Vulnerability Insight:
The flaw is due to requests made using IPv6 syntax using XMLHttpRequest
objects through a proxy may generate errors depending on proxy configuration
for IPv6. The resulting error messages from the proxy may disclose sensitive

Vulnerability Impact:
Successful exploitation will let attackers to get sensitive information.

Affected Software/OS:
SeaMonkey version before 2.4
Thunderbird version before 3.1.18 and 5.0 through 6.0
Mozilla Firefox version before 3.6.26 and 4.x through 6.0

Upgrade to Mozilla Firefox version 3.6.27 or 7.0 or later.

Upgrade to SeaMonkey version to 2.4 or later.

Upgrade to Thunderbird version to 3.1.18 or 7.0 or later.

CVSS Score:

CVSS Vector:

Cross-Ref: BugTraq ID: 51786
Common Vulnerability Exposure (CVE) ID: CVE-2011-3670
Debian Security Information: DSA-2400 (Google Search)
Debian Security Information: DSA-2402 (Google Search)
Debian Security Information: DSA-2406 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:0198 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:0221 (Google Search)
SuSE Security Announcement: openSUSE-SU-2012:0234 (Google Search)
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.