Multiple vulnerabilities in Mozilla Firefox

Posted by chandan on Oracle Blogs See other posts from Oracle Blogs or by chandan
Published on Wed, 4 Apr 2012 17:43:22 -0500 Indexed on 2012/04/05 5:37 UTC
Read the original article Hit count: 400

Filed under:

/Alerts

CVE Description

CVSSv2 Base Score

Component

Product and Resolution

CVE-2011-2372 Permissions, Privileges, and Access Controls vulnerability

3.5

Firefox web browser

Solaris 11	11/11 SRU 3
Solaris 10	Contact Support

CVE-2011-2995 Denial of Service (DoS) vulnerability

10.0

CVE-2011-2997 Denial of Service (DoS) vulnerability

10.0

CVE-2011-3000 Improper Control of Generation of Code ('Code Injection') vulnerability

4.3

CVE-2011-3001 Permissions, Privileges, and Access Controls vulnerability

4.3

CVE-2011-3002 Denial of Service (DoS) vulnerability

9.3

CVE-2011-3003 Denial of Service (DoS) vulnerability

10.0

CVE-2011-3004 Improper Input Validation vulnerability

4.3

CVE-2011-3005 Denial of Service (DoS) vulnerability

9.3

CVE-2011-3232 Improper Control of Generation of Code ('Code Injection') vulnerability

9.3

CVE-2011-3648 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability

4.3

CVE-2011-3650 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability

9.3

CVE-2011-3651 Denial of Service (DoS) vulnerability

10.0

CVE-2011-3652 Denial of Service (DoS) vulnerability

10.0

CVE-2011-3654 Denial of Service (DoS) vulnerability

10.0

CVE-2011-3655 Improper Control of Generation of Code ('Code Injection') vulnerability

9.3

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Related posts about /Alerts

Alerts for when Login Failures Strike

as seen on SQL Team - Search for 'SQL Team'
When repeated SQL Server login failures occur, a DBA should investigate. It could just be someone repeatedly typing in the wrong password. Worst case is a virus attack flooding your network with connection requests. Receiving an e-mail while login failures are occurring allows DBAs to investigate… >>> More
Nagios Statistics for Notifications/Alerts

as seen on Server Fault - Search for 'Server Fault'
We have had our Nagios installation up for a year, and we are now required to give some statistics on how much it has worked and what it has done in the environment. As such, I was wondering if anyone knows if Nagios also holds data records on how many alerts and notifications it sends out? I am… >>> More
CVE-2006-3744 Multiple Integer overflow vulnerabilities in ImageMagick

as seen on Oracle Blogs - Search for 'Oracle Blogs'
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2006-3744 Numeric Errors vulnerability 5.1 ImageMagick Solaris 10 SPARC: 136882-03 X86: 136883-03 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information… >>> More
CVE-2014-3520 Privilege Escalation vulnerability in OpenStack Keystone

as seen on Oracle Blogs - Search for 'Oracle Blogs'
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2014-3520 Privilege Escalation vulnerability 3.5 OpenStack Identity (Keystone) Solaris 11.2 11.2.1.5.0 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product… >>> More
CVE-2011-2896 Buffer overflow vulnerability in GIMP

as seen on Oracle Blogs - Search for 'Oracle Blogs'
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-2896 Buffer Overflow vulnerability 5.1 GIMP Image Editor Solaris 10 SPARC: 147988-01 X86: 147989-01 Solaris 11 Express snv_151a + 7079990 This notification describes vulnerabilities fixed in third-party components that… >>> More

Developer IT