CVE-2011-1712
Published: 15 April 2011
The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
Notes
Author | Note |
---|---|
micahg | This is the same as CVE-2011-1202 that's referenced in the USNs |
Priority
Status
Package | Release | Status |
---|---|---|
firefox Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Ignored
(end of life)
|
|
karmic |
Does not exist
|
|
lucid |
Released
(3.6.17+build3+nobinonly-0ubuntu0.10.04.1)
|
|
maverick |
Released
(3.6.17+build3+nobinonly-0ubuntu0.10.10.1)
|
|
natty |
Released
(4.0.1+build1+nobinonly-0ubuntu0.11.04.1)
|
|
oneiric |
Released
(4.0.1+build1+nobinonly-0ubuntu0.11.04.1)
|
|
precise |
Released
(4.0.1+build1+nobinonly-0ubuntu0.11.04.1)
|
|
quantal |
Released
(4.0.1+build1+nobinonly-0ubuntu0.11.04.1)
|
|
raring |
Released
(4.0.1+build1+nobinonly-0ubuntu0.11.04.1)
|
|
saucy |
Released
(4.0.1+build1+nobinonly-0ubuntu0.11.04.1)
|
|
upstream |
Needs triage
|
|
seamonkey Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Ignored
(end of life)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Not vulnerable
(2.4.1-0ubuntu1)
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
upstream |
Needs triage
|
|
xulrunner-1.9.2 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Ignored
(end of life)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Released
(1.9.2.17+build3+nobinonly-0ubuntu0.10.04.1)
|
|
maverick |
Released
(1.9.2.17+build3+nobinonly-0ubuntu0.10.10.1)
|
|
natty |
Released
(1.9.2.17+build3+nobinonly-0ubuntu1)
|
|
oneiric |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
upstream |
Needs triage
|