Lucene search
SecurityvulnsSECURITYVULNS:DOC:26243HistoryMay 01, 2011 - 12:00 a.m.
Mozilla Foundation Security Advisory 2011-18
2011-05-0100:00:00
vulners.com
27
Mozilla Foundation Security Advisory 2011-18
Title: XSLT generate-id() function heap address leak
Impact: Low
Announced: April 28, 2011
Reporter: Chris Evans
Products: Firefox, SeaMonkey
Fixed in: Firefox 4.0.1
Firefox 3.6.17
Firefox 3.5.19
SeaMonkey 2.0.14
Description
Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system.
https://bugzilla.mozilla.org/show_bug.cgi?id=640339
CVE-2011-1202
Related
prion
prion
Design/Logic Flaw
2011-03-11 02:01:00
Design/Logic Flaw
2011-04-15 19:55:00
Design/Logic Flaw
2011-04-15 20:55:00
cve
cve
ubuntucve
ubuntucve
CVE-2011-1202
2011-03-10 00:00:00
CVE-2011-1712
2011-04-15 00:00:00
veracode
veracode
Information Leakage
2019-01-15 08:57:24
Out-Of-Bounds Read
2019-05-02 04:43:13
Denial Of Service (DoS)
2019-05-02 04:43:13
debiancve
debiancve
CVE-2011-1202
2011-03-11 02:01:00
mozilla
mozilla
XSLT generate-id() function heap address leak — Mozilla
2011-04-28 00:00:00
android
android
Android Browser Exploit WebKit
2011-02-22 00:00:00
openvas
openvas
Mandriva Update for libxslt MDVSA-2012:164 (libxslt)
2012-10-12 00:00:00
Mandriva Update for libxslt MDVSA-2012:164 (libxslt)
2012-10-12 00:00:00
Fedora Update for libxslt FEDORA-2012-14083
2012-09-27 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : libxslt (MDVSA-2012:164)
2012-10-12 00:00:00
Fedora 16 : libxslt-1.1.26-9.fc16 (2012-14048)
2012-09-27 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: libxslt-1.1.26-9.fc16
2012-09-27 04:27:12
[SECURITY] Fedora 17 Update: libxslt-1.1.26-10.fc17
2012-09-26 09:11:57
[SECURITY] Fedora 18 Update: libxslt-1.1.27-2.fc18
2012-12-09 06:31:24
oraclelinux
oraclelinux
libxslt security update
2012-09-13 00:00:00
firefox security update
2011-04-29 00:00:00
amazon
amazon
Important: libxslt
2012-09-22 21:33:00
ubuntu
ubuntu
Firefox vulnerabilities
2011-04-30 00:00:00
libxslt vulnerabilities
2012-10-04 00:00:00
Thunderbird vulnerabilities
2011-05-05 00:00:00
centos
centos
libxslt security update
2012-09-13 18:02:29
firefox, xulrunner security update
2011-04-29 15:48:25
securityvulns
securityvulns
libxslt multiple security vulnerabilities
2012-10-05 00:00:00
[USN-1595-1] libxslt vulnerabilities
2012-10-05 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-05-11 00:00:00
redhat
redhat
(RHSA-2012:1265) Important: libxslt security update
2012-09-13 00:00:00
(RHSA-2011:0471) Critical: firefox security update
2011-04-28 00:00:00
(RHSA-2012:1325) Important: rhev-hypervisor6 security and bug fix update
2012-10-02 00:00:00
vmware
vmware
suse
suse
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
Related for SECURITYVULNS:DOC:26243