Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs SecuriTeam™ in Your Inbox   E-mail this CVE-2011-2371 to a friend New vulnerability? New tool? Tell us	CVE-2011-2371 Mozilla Firefox/Thunderbird/SeaMonkey 'Array.reduceRight()' Remote Code Execution Vulnerability     Credit: The original article can be found at: http://www.securityfocus.com/bid/48372 The information has been provided by Chris Rohlf and Yan Ivnitskiy. Website Security Scan Code Vulnerability Test Network Assessment Tool Detect hidden vulnerabilities Exhaustive automated testing Real-time, continuous security Get guidance from professionals of internal or 3rd party code. scanning for your entire network    CVE-2011-2371 Details Check for CVE-2011-2371 Vulnerability Assessment and Management. Automated Pen Testing for 50 to 50,000 nodes beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * Mozilla Thunderbird 3.1.14  * Mozilla Thunderbird 3.1.13  * Mozilla Thunderbird 3.1.12  * Mozilla Thunderbird 3.1.12  * Mozilla Thunderbird 9.0  * Mozilla Thunderbird 8.0  * Mozilla Thunderbird 7.0.1  * Mozilla Thunderbird 7.0  * Mozilla Thunderbird 6.0.2  * Mozilla Thunderbird 6.0.1  * Mozilla Thunderbird 6.0  * Mozilla Thunderbird 6  * Mozilla Thunderbird 6  * Mozilla Thunderbird 5.0  * Mozilla Thunderbird 5  * Mozilla Thunderbird 3.1.17  * Mozilla Thunderbird 3.1.16  * Mozilla Thunderbird 3.1.15  * Mozilla Thunderbird 3.1.11  * Mozilla Thunderbird 3.1.10  * Mozilla Thunderbird 3.1.1  * Mozilla Thunderbird 3.1  * Mozilla SeaMonkey 2.3  * Mozilla SeaMonkey 2.2  * Mozilla SeaMonkey 2.2  * Mozilla SeaMonkey 2.1  * Mozilla Firefox 9.0.1  * Mozilla Firefox 3.6.22  * Mozilla Firefox 3.6.13  * Mozilla Firefox 3.6.13  * Mozilla Firefox 3.6.10  * Mozilla Firefox 3.6.2  * Mozilla Firefox 3.6.2  * Mozilla Firefox 9.0  * Mozilla Firefox 8.0.1  * Mozilla Firefox 8.0  * Mozilla Firefox 7.0.1  * Mozilla Firefox 7.0  * Mozilla Firefox 7  * Mozilla Firefox 6.0.2  * Mozilla Firefox 6.0.1  * Mozilla Firefox 6.0  * Mozilla Firefox 6  * Mozilla Firefox 5.0.1  * Mozilla Firefox 5.0  * Mozilla Firefox 3.6.25  * Mozilla Firefox 3.6.24  * Mozilla Firefox 3.6.23  * Mozilla Firefox 3.6.21  * Mozilla Firefox 3.6.20  * Mozilla Firefox 3.6.19  * Mozilla Firefox 3.6.18  * Mozilla Firefox 3.6.17  * Mozilla Firefox 3.6.16  * Mozilla Firefox 3.6.15  * Mozilla Firefox 3.6.14  * Mozilla Firefox 3.6.12  * Mozilla Firefox 3.6.11  * Mozilla Firefox 3.6 Non-Vulnerable Systems:  * Mozilla Thunderbird 3.1.18  * Mozilla Thunderbird 10.0  * Mozilla SeaMonkey 2.4  * Mozilla Firefox 3.6.26  * Mozilla Firefox 10.0 The issue occurs when handling a JavaScript array with an extremely large length and can be exploited to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Vendor Status: Mozilla as issued an update for this vulnerablity Patch Availability: http://www.mozilla.org/en-US/products/download.html?product=firefox-12.0&os=win&lang=en-US CVE Information: CVE-2011-2371 Disclosure Timeline: Initial Release Feb 27 2012  Comments on CVE-2011-2371:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Copyright © 1998-2010 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®