CVE-2011-3661 in Ubuntu

CVE-2011-3661

Priority

Medium

Description

YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through
8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of
service (application crash) or possibly execute arbitrary code via crafted
JavaScript.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3661
http://www.mozilla.org/security/announce/2011/mfsa2011-54.html
http://www.ubuntu.com/usn/usn-1306-1
http://www.ubuntu.com/usn/usn-1343-1

Bugs

https://bugzilla.mozilla.org/show_bug.cgi?id=691299

Package

Source: thunderbird (LP Ubuntu Debian)

Upstream:	released (9.0)
Ubuntu 8.04 LTS (Hardy Heron):	ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):	released
Ubuntu 11.10 (Oneiric Ocelot):	released (9.0+build2-0ubuntu0.11.10.1)
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected (11.0.1+build1-0ubuntu2)
Ubuntu 12.10 (Quantal Quetzal):	not-affected (15.0+build1-0ubuntu1)
Ubuntu 13.04 (Raring Ringtail):	not-affected (15.0+build1-0ubuntu1)
Ubuntu 13.10 (Saucy Salamander):	not-affected (15.0+build1-0ubuntu1)

Package

Source: xulrunner-2.0 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 8.04 LTS (Hardy Heron):	DNE
Ubuntu 10.04 LTS (Lucid Lynx):	DNE
Ubuntu 11.10 (Oneiric Ocelot):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: firefox (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 8.04 LTS (Hardy Heron):	ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):	released (9.0.1+build1-0ubuntu0.10.04.2)
Ubuntu 11.10 (Oneiric Ocelot):	released (9.0.1+build1-0ubuntu0.11.10.2)
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected
Ubuntu 12.10 (Quantal Quetzal):	not-affected
Ubuntu 13.04 (Raring Ringtail):	not-affected
Ubuntu 13.10 (Saucy Salamander):	not-affected

Package

Source: seamonkey (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 8.04 LTS (Hardy Heron):	ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):	needs-triage
Ubuntu 11.10 (Oneiric Ocelot):	ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: xulrunner-1.9.2 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 8.04 LTS (Hardy Heron):	ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):	ignored (see notes)
Ubuntu 11.10 (Oneiric Ocelot):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

More Information

Updated: 2013-05-09 15:15:50 UTC (commit 6824)