suse · CVE-2011-2371

Quick triage

Priority: critical 公開: 2021-05-30 12:57:55 UTC Updated: 2026-04-18 20:00:59 UTC

参照: Official suse advisory, NVD, CVE.org · CVE 詳細

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2011-2371 severity critical: SUSE including 89 source package names (MozillaFirefox-10.0-0.3.2, MozillaFirefox-140.2.0-160000.1.2, …), 110 product×package rows across 31 product lines (SUSE Linux Enterprise Desktop 12, SUSE Linux Enterprise Desktop 12 SP1, … (31 product lines)): Fixed 110.

Description:

Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.

cvelogic Threat Intelligence