icon

We found results for “

CVE-2011-2984

Good to know:

Date: August 18, 2011

Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events.

Severity Score

Severity Score

Weakness Type (CWE)

Code Injection

CWE-94

Top Fix

icon

Upgrade Version

CVSS v3.1

Base Score:
Attack Vector (AV):
Attack Complexity (AC):
Privilegs Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):
Integrity (I):
Availability (A):

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): COMPLETE
Integrity (I): COMPLETE
Availability (A): COMPLETE
Additional information:

Do you need more information?

Contact Us