Mozilla Firefox and Thunderbird 'loadSubScript()' Security Bypass Vulnerability
BID:50589
Info
Mozilla Firefox and Thunderbird 'loadSubScript()' Security Bypass Vulnerability
| Bugtraq ID: | 50589 |
| Class: | Design Error |
| CVE: |
CVE-2011-3647 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 08 2011 12:00AM |
| Updated: | Mar 19 2015 08:20AM |
| Credit: | moz_bug_r_a4 |
| Vulnerable: |
Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.10 powerpc Ubuntu Ubuntu Linux 10.10 i386 Ubuntu Ubuntu Linux 10.10 ARM Ubuntu Ubuntu Linux 10.10 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 SuSE SUSE Linux Enterprise Server for VMware 11 SP1 SuSE SUSE Linux Enterprise Server 11 SP1 SuSE SUSE Linux Enterprise Server 10 SP4 SuSE SUSE Linux Enterprise SDK 11 SP1 SuSE SUSE Linux Enterprise SDK 10 SP4 SuSE SUSE Linux Enterprise Desktop 11 SP1 SuSE SUSE Linux Enterprise Desktop 10 SP4 SuSE openSUSE 11.4 SuSE openSUSE 11.3 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop version 4 Red Hat Enterprise Linux Workstation Optional 6 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server Optional 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node Optional 6 Red Hat Enterprise Linux Desktop Optional 6 Red Hat Enterprise Linux Desktop 6 Red Hat Enterprise Linux Desktop 5 client Red Hat Enterprise Linux AS 4 Red Hat Enterprise Linux 5 Server Oracle Enterprise Linux 6 Oracle Enterprise Linux 5 Oracle Enterprise Linux 4 Mozilla Thunderbird 3.1.12 Mozilla Thunderbird 3.1.7 Mozilla Thunderbird 3.1.5 Mozilla Thunderbird 3.1.4 Mozilla Thunderbird 3.1.9 Mozilla Thunderbird 3.1.8 Mozilla Thunderbird 3.1.7 Mozilla Thunderbird 3.1.6 Mozilla Thunderbird 3.1.3 Mozilla Thunderbird 3.1.2 Mozilla Thunderbird 3.1.15 Mozilla Thunderbird 3.1.11 Mozilla Thunderbird 3.1.10 Mozilla Thunderbird 3.1.1 Mozilla Thunderbird 3.1 Mozilla Firefox 3.6.13 Mozilla Firefox 3.6.10 Mozilla Firefox 3.6.9 Mozilla Firefox 3.6.8 Mozilla Firefox 3.6.6 Mozilla Firefox 3.6.4 Mozilla Firefox 3.6.3 Mozilla Firefox 3.6.2 Mozilla Firefox 3.6.7 Mozilla Firefox 3.6.6 Mozilla Firefox 3.6.23 Mozilla Firefox 3.6.20 Mozilla Firefox 3.6.19 Mozilla Firefox 3.6.18 Mozilla Firefox 3.6.17 Mozilla Firefox 3.6.16 Mozilla Firefox 3.6.15 Mozilla Firefox 3.6.14 Mozilla Firefox 3.6.12 Mozilla Firefox 3.6.11 Mozilla Firefox 3.6 Beta 3 Mozilla Firefox 3.6 Beta 2 Mozilla Firefox 3.6 Moonchild Productions Pale Moon 3.6.26 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Mandriva Linux Mandrake 2010.1 x86_64 Mandriva Linux Mandrake 2010.1 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 Avaya Messaging Storage Server 5.2.8 Avaya Messaging Storage Server 5.2.2 Avaya Messaging Storage Server 5.2 SP3 Avaya Messaging Storage Server 5.2 SP2 Avaya Messaging Storage Server 5.2 SP1 Avaya Messaging Storage Server 5.2 Avaya Messaging Storage Server 5.1 SP2 Avaya Messaging Storage Server 5.1 SP1 Avaya Messaging Storage Server 5.1 Avaya Messaging Storage Server 5.0 Avaya Messaging Storage Server 4.0 Avaya Message Networking 5.2.1 Avaya Message Networking 5.2.4 Avaya Message Networking 5.2.3 Avaya Message Networking 5.2.2 Avaya Message Networking 5.2 SP1 Avaya Message Networking 5.2 Avaya Message Networking 3.1 |
| Not Vulnerable: |
Mozilla Thunderbird 3.1.16 Mozilla Firefox 3.6.24 Moonchild Productions Pale Moon 3.6.27 |
Discussion
Mozilla Firefox and Thunderbird 'loadSubScript()' Security Bypass Vulnerability
Mozilla Firefox and Thunderbird are prone to a security-bypass vulnerability.
Attackers can exploit this issue to bypass security protections and perform privilege-escalation attacks.
This issue is fixed in:
Firefox 3.6.24
Thunderbird 3.1.16
Mozilla Firefox and Thunderbird are prone to a security-bypass vulnerability.
Attackers can exploit this issue to bypass security protections and perform privilege-escalation attacks.
This issue is fixed in:
Firefox 3.6.24
Thunderbird 3.1.16
Exploit / POC
Mozilla Firefox and Thunderbird 'loadSubScript()' Security Bypass Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Mozilla Firefox and Thunderbird 'loadSubScript()' Security Bypass Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Mozilla Firefox and Thunderbird 'loadSubScript()' Security Bypass Vulnerability
References:
References:
- firefox security update (RHSA-2011-1437) (Avaya)
- Mozilla Firefox Homepage (Mozilla)
- Pale Moon: Release notes 3.6 (Moonchild Productions )
- Thunderbird Homepage (Mozilla)
- Mozilla Foundation Security Advisory 2011-46 (Mozilla)