Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2986

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-2986
Last Modified 18 Dec 2012 11:42:41
Published 18 Aug 2011 02:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2986

Summary

Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.

Vulnerable Systems

Application

  • Mozilla Firefox 4.0

  • Mozilla Firefox 4.0.1

  • Mozilla Firefox 5.0

  • Mozilla Seamonkey 1.0

  • Mozilla Seamonkey 1.0.1

  • Mozilla Seamonkey 1.0.2

  • Mozilla Seamonkey 1.0.3

  • Mozilla Seamonkey 1.0.4

  • Mozilla Seamonkey 1.0.5

  • Mozilla Seamonkey 1.0.6

  • Mozilla Seamonkey 1.0.7

  • Mozilla Seamonkey 1.0.8

  • Mozilla Seamonkey 1.0.9

  • Mozilla Seamonkey 1.1

  • Mozilla Seamonkey 1.1.1

  • Mozilla Seamonkey 1.1.10

  • Mozilla Seamonkey 1.1.11

  • Mozilla Seamonkey 1.1.12

  • Mozilla Seamonkey 1.1.13

  • Mozilla Seamonkey 1.1.14

  • Mozilla Seamonkey 1.1.15

  • Mozilla Seamonkey 1.1.16

  • Mozilla Seamonkey 1.1.17

  • Mozilla Seamonkey 1.1.18

  • Mozilla Seamonkey 1.1.19

  • Mozilla Seamonkey 1.1.2

  • Mozilla Seamonkey 1.1.3

  • Mozilla Seamonkey 1.1.4

  • Mozilla Seamonkey 1.1.5

  • Mozilla Seamonkey 1.1.6

  • Mozilla Seamonkey 1.1.7

  • Mozilla Seamonkey 1.1.8

  • Mozilla Seamonkey 1.1.9

  • Mozilla Seamonkey 1.5.0.10

  • Mozilla Seamonkey 1.5.0.8

  • Mozilla Seamonkey 1.5.0.9

  • Mozilla Seamonkey 2.0

  • Mozilla Seamonkey 2.0.1

  • Mozilla Seamonkey 2.0.10

  • Mozilla Seamonkey 2.0.11

  • Mozilla Seamonkey 2.0.2

  • Mozilla Seamonkey 2.0.3

  • Mozilla Seamonkey 2.0.4

  • Mozilla Seamonkey 2.0.5

  • Mozilla Seamonkey 2.0.6

  • Mozilla Seamonkey 2.0.7

  • Mozilla Seamonkey 2.0.8

  • Mozilla Seamonkey 2.0.9

  • Mozilla Seamonkey 2.1

  • Mozilla Thunderbird 0.1

  • Mozilla Thunderbird 0.2

  • Mozilla Thunderbird 0.3

  • Mozilla Thunderbird 0.4

  • Mozilla Thunderbird 0.5

  • Mozilla Thunderbird 0.6

  • Mozilla Thunderbird 0.7

  • Mozilla Thunderbird 0.7.1

  • Mozilla Thunderbird 0.7.2

  • Mozilla Thunderbird 0.7.3

  • Mozilla Thunderbird 0.8

  • Mozilla Thunderbird 0.9

  • Mozilla Thunderbird 1.0

  • Mozilla Thunderbird 1.0.1

  • Mozilla Thunderbird 1.0.2

  • Mozilla Thunderbird 1.0.3

  • Mozilla Thunderbird 1.0.4

  • Mozilla Thunderbird 1.0.5

  • Mozilla Thunderbird 1.0.6

  • Mozilla Thunderbird 1.0.7

  • Mozilla Thunderbird 1.0.8

  • Mozilla Thunderbird 1.5

  • Mozilla Thunderbird 1.5.0.1

  • Mozilla Thunderbird 1.5.0.10

  • Mozilla Thunderbird 1.5.0.11

  • Mozilla Thunderbird 1.5.0.12

  • Mozilla Thunderbird 1.5.0.13

  • Mozilla Thunderbird 1.5.0.14

  • Mozilla Thunderbird 1.5.0.2

  • Mozilla Thunderbird 1.5.0.3

  • Mozilla Thunderbird 1.5.0.4

  • Mozilla Thunderbird 1.5.0.5

  • Mozilla Thunderbird 1.5.0.6

  • Mozilla Thunderbird 1.5.0.7

  • Mozilla Thunderbird 1.5.0.8

  • Mozilla Thunderbird 1.5.0.9

  • Mozilla Thunderbird 1.5.1

  • Mozilla Thunderbird 1.5.2

  • Mozilla Thunderbird 1.7.1

  • Mozilla Thunderbird 1.7.3

  • Mozilla Thunderbird 2.0

  • Mozilla Thunderbird 2.0.0.0

  • Mozilla Thunderbird 2.0.0.1

  • Mozilla Thunderbird 2.0.0.12

  • Mozilla Thunderbird 2.0.0.14

  • Mozilla Thunderbird 2.0.0.16

  • Mozilla Thunderbird 2.0.0.17

  • Mozilla Thunderbird 2.0.0.18

  • Mozilla Thunderbird 2.0.0.19

  • Mozilla Thunderbird 2.0.0.2

  • Mozilla Thunderbird 2.0.0.21

  • Mozilla Thunderbird 2.0.0.22

  • Mozilla Thunderbird 2.0.0.23

  • Mozilla Thunderbird 2.0.0.3

  • Mozilla Thunderbird 2.0.0.4

  • Mozilla Thunderbird 2.0.0.5

  • Mozilla Thunderbird 2.0.0.6

  • Mozilla Thunderbird 2.0.0.7

  • Mozilla Thunderbird 2.0.0.8

  • Mozilla Thunderbird 2.0.0.9

  • Mozilla Thunderbird 3.0

  • Mozilla Thunderbird 3.0.1

  • Mozilla Thunderbird 3.0.10

  • Mozilla Thunderbird 3.0.11

  • Mozilla Thunderbird 3.0.2

  • Mozilla Thunderbird 3.0.3

  • Mozilla Thunderbird 3.0.4

  • Mozilla Thunderbird 3.0.5

  • Mozilla Thunderbird 3.0.6

  • Mozilla Thunderbird 3.0.7

  • Mozilla Thunderbird 3.0.8

  • Mozilla Thunderbird 3.0.9

  • Mozilla Thunderbird 3.1

  • Mozilla Thunderbird 3.1.1

  • Mozilla Thunderbird 3.1.2

  • Mozilla Thunderbird 3.1.3

  • Mozilla Thunderbird 3.1.4

  • Mozilla Thunderbird 3.1.5

  • Mozilla Thunderbird 3.1.6

  • Mozilla Thunderbird 3.1.7

  • Mozilla Thunderbird 5.0


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=655836

CONFIRM - http://www.mozilla.org/security/announce/2011/mfsa2011-33.html

CONFIRM - http://www.mozilla.org/security/announce/2011/mfsa2011-31.html

CONFIRM - http://www.mozilla.org/security/announce/2011/mfsa2011-29.html

SUSE - SUSE-SA:2011:037

SECUNIA - 49055


Last Updated: 27 May 2016 11:01:28