CVE-2011-2373

Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.

Published: Jun 30, 2011
Updated: Nov 9, 2025
CVE: CVE-2011-2373
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
mozilla / seamonkey	2.0.10	2.0.10.x
mozilla / seamonkey	1.1.10	1.1.10.x
mozilla / seamonkey	1.0.3	1.0.3.x
mozilla / seamonkey	2.0.13	2.0.13.x
mozilla / seamonkey	1.1.8	1.1.8.x
mozilla / seamonkey	1.0.1	1.0.1.x
mozilla / seamonkey	1.1.7	1.1.7.x
mozilla / seamonkey	1.5.0.10	1.5.0.10.x
mozilla / seamonkey	1.0.6	1.0.6.x
mozilla / seamonkey	1.0.9	1.0.9.x
mozilla / seamonkey	1.1.3	1.1.3.x
mozilla / seamonkey	2.0.4	2.0.4.x
mozilla / seamonkey	1.0	1.0.x
mozilla / seamonkey	2.0.3	2.0.3.x
mozilla / seamonkey	2.0.2	2.0.2.x
mozilla / seamonkey	1.1.17	1.1.17.x
mozilla / seamonkey	2.0-alpha_2	2.0-alpha_2.x
mozilla / seamonkey	1.1.5	1.1.5.x
mozilla / seamonkey	2.0.8	2.0.8.x
mozilla / seamonkey	1.0.7	1.0.7.x
mozilla / seamonkey	1.0-beta	1.0-beta.x
mozilla / seamonkey	1.1-alpha	1.1-alpha.x
mozilla / seamonkey	2.0-rc2	2.0-rc2.x
mozilla / seamonkey	2.0-alpha_3	2.0-alpha_3.x
mozilla / seamonkey	1.0-alpha	1.0-alpha.x
mozilla / seamonkey	1.1.12	1.1.12.x
mozilla / seamonkey	2.0.12	2.0.12.x
mozilla / seamonkey	1.1	1.1.x
mozilla / seamonkey	1.1.14	1.1.14.x
mozilla / seamonkey	2.0.11	2.0.11.x
mozilla / seamonkey	1.1.2	1.1.2.x
mozilla / seamonkey	2.0-beta_2	2.0-beta_2.x
mozilla / seamonkey	1.0.2	1.0.2.x
mozilla / seamonkey	1.0.8	1.0.8.x
mozilla / seamonkey	1.1.11	1.1.11.x
mozilla / seamonkey	2.0-alpha_1	2.0-alpha_1.x
mozilla / seamonkey	1.5.0.9	1.5.0.9.x
mozilla / seamonkey	1.1-beta	1.1-beta.x
mozilla / seamonkey	1.1.1	1.1.1.x
mozilla / seamonkey	2.0.9	2.0.9.x
mozilla / seamonkey	1.5.0.8	1.5.0.8.x
mozilla / seamonkey	2.0.1	2.0.1.x
mozilla / seamonkey	1.0.5	1.0.5.x
mozilla / seamonkey	1.1.15	1.1.15.x
mozilla / seamonkey	2.0.14	2.0.14.x
mozilla / seamonkey	1.1.6	1.1.6.x
mozilla / seamonkey	2.0.7	2.0.7.x
mozilla / seamonkey	1.1.16	1.1.16.x
mozilla / seamonkey	2.0-beta_1	2.0-beta_1.x
mozilla / seamonkey	1.1.19	1.1.19.x
mozilla / seamonkey	2.0.5	2.0.5.x
mozilla / seamonkey	2.0-rc1	2.0-rc1.x
mozilla / seamonkey	1.0.4	1.0.4.x
mozilla / seamonkey	1.1.9	1.1.9.x
mozilla / seamonkey	1.1.13	1.1.13.x
mozilla / seamonkey	1.1.18	1.1.18.x
mozilla / seamonkey	2.0.6	2.0.6.x
mozilla / seamonkey	2.0	2.0.x
mozilla / seamonkey	1.1.4	1.1.4.x
mozilla / firefox	3.6.2	3.6.2.x
mozilla / firefox	2.0.0.12	2.0.0.12.x
mozilla / firefox	3.5.18	3.5.18.x
mozilla / firefox	1.5-beta2	1.5-beta2.x
mozilla / firefox	3.0.17	3.0.17.x
mozilla / firefox	3.5.3	3.5.3.x
mozilla / firefox	3.0.7	3.0.7.x
mozilla / firefox	1.5.2	1.5.2.x
mozilla / firefox	3.0.9	3.0.9.x
mozilla / firefox	1.5.0.6	1.5.0.6.x
mozilla / firefox	3.6.3	3.6.3.x
mozilla / firefox	2.0.0.2	2.0.0.2.x
mozilla / firefox	1.5.0.10	1.5.0.10.x
mozilla / firefox	1.5.0.3	1.5.0.3.x
mozilla / firefox	3.5.6	3.5.6.x
mozilla / firefox	3.0.8	3.0.8.x
mozilla / firefox	1.5.0.11	1.5.0.11.x
mozilla / firefox	1.5.4	1.5.4.x
mozilla / firefox	1.0.2	1.0.2.x
mozilla / firefox	3.5	3.5.x
mozilla / firefox	3.5.5	3.5.5.x
mozilla / firefox	3.0.4	3.0.4.x
mozilla / firefox	1.5-beta1	1.5-beta1.x
mozilla / firefox	3.5.9	3.5.9.x
mozilla / firefox	3.5.4	3.5.4.x
mozilla / firefox	3.5.7	3.5.7.x
mozilla / firefox	3.0.5	3.0.5.x
mozilla / firefox	3.5.11	3.5.11.x
mozilla / firefox	1.5	1.5.x
mozilla / firefox	3.5.14	3.5.14.x
mozilla / firefox	1.0.4	1.0.4.x
mozilla / firefox	3.6.15	3.6.15.x
mozilla / firefox	2.0.0.7	2.0.0.7.x
mozilla / firefox	1.0.7	1.0.7.x
mozilla / firefox	3.5.10	3.5.10.x
mozilla / firefox	3.5.1	3.5.1.x
mozilla / firefox	2.0.0.9	2.0.0.9.x
mozilla / firefox	3.0.14	3.0.14.x
mozilla / firefox	3.5.2	3.5.2.x
mozilla / firefox	2.0.0.16	2.0.0.16.x
mozilla / firefox	3.6.11	3.6.11.x
mozilla / firefox	1.5.6	1.5.6.x
mozilla / firefox	2.0.0.17	2.0.0.17.x
mozilla / firefox	3.6.8	3.6.8.x
mozilla / firefox	2.0.0.15	2.0.0.15.x
mozilla / firefox	3.0.10	3.0.10.x
mozilla / firefox	3.6.9	3.6.9.x
mozilla / firefox	3.6.14	3.6.14.x
mozilla / firefox	3.0.12	3.0.12.x
mozilla / firefox	1.0	1.0.x
mozilla / firefox	3.0.3	3.0.3.x
mozilla / firefox	1.5.0.7	1.5.0.7.x
mozilla / firefox	3.6.12	3.6.12.x
mozilla / firefox	2.0	2.0.x
mozilla / firefox	1.0.1	1.0.1.x
mozilla / firefox	3.5.17	3.5.17.x
mozilla / firefox	2.0.0.14	2.0.0.14.x
mozilla / firefox	3.0.6	3.0.6.x
mozilla / firefox	3.0.15	3.0.15.x
mozilla / firefox	1.5.0.8	1.5.0.8.x
mozilla / firefox	2.0.0.3	2.0.0.3.x
mozilla / firefox	3.5.12	3.5.12.x
mozilla / firefox	1.5.0.9	1.5.0.9.x
mozilla / firefox	3.6.6	3.6.6.x
mozilla / firefox	1.5.0.5	1.5.0.5.x
mozilla / firefox	1.5.7	1.5.7.x
mozilla / firefox	1.5.0.12	1.5.0.12.x
mozilla / firefox	2.0.0.6	2.0.0.6.x
mozilla / firefox	3.0	3.0.x
mozilla / firefox	2.0.0.11	2.0.0.11.x
mozilla / firefox	1.5.0.2	1.5.0.2.x
mozilla / firefox	3.6.16	3.6.16.x
mozilla / firefox	1.0.3	1.0.3.x
mozilla / firefox	3.0.1	3.0.1.x
mozilla / firefox	2.0.0.4	2.0.0.4.x
mozilla / firefox	1.5.1	1.5.1.x
mozilla / firefox	3.6.10	3.6.10.x
mozilla / firefox	2.0.0.13	2.0.0.13.x
mozilla / firefox	2.0.0.18	2.0.0.18.x
mozilla / firefox	3.5.13	3.5.13.x
mozilla / firefox	2.0.0.1	2.0.0.1.x
mozilla / firefox	3.0.2	3.0.2.x
mozilla / firefox	3.5.19	3.5.19.x
mozilla / firefox	3.5.8	3.5.8.x
mozilla / firefox	3.6.7	3.6.7.x
mozilla / firefox	1.5.5	1.5.5.x
mozilla / firefox	1.0-preview_release	1.0-preview_release.x
mozilla / firefox	3.6.4	3.6.4.x
mozilla / firefox	3.5.15	3.5.15.x
mozilla / firefox	3.6	3.6.x
mozilla / firefox	2.0.0.20	2.0.0.20.x
mozilla / firefox	-	3.6.17.x
mozilla / firefox	2.0.0.8	2.0.0.8.x
mozilla / firefox	2.0.0.19	2.0.0.19.x
mozilla / firefox	1.5.8	1.5.8.x
mozilla / firefox	3.6.13	3.6.13.x
mozilla / firefox	1.5.3	1.5.3.x
mozilla / firefox	1.5.0.4	1.5.0.4.x
mozilla / firefox	1.5.0.1	1.5.0.1.x
mozilla / firefox	3.0.13	3.0.13.x
mozilla / firefox	3.5.16	3.5.16.x
mozilla / firefox	1.0.5	1.0.5.x
mozilla / firefox	2.0.0.5	2.0.0.5.x
mozilla / firefox	2.0.0.10	2.0.0.10.x
mozilla / firefox	1.0.6	1.0.6.x
mozilla / firefox	3.0.16	3.0.16.x
mozilla / firefox	1.0.8	1.0.8.x
mozilla / firefox	3.0.11	3.0.11.x
mozilla / thunderbird	3.0.8	3.0.8.x
mozilla / thunderbird	3.0.5	3.0.5.x
mozilla / thunderbird	1.5.0.7	1.5.0.7.x
mozilla / thunderbird	0.6	0.6.x
mozilla / thunderbird	0.7.2	0.7.2.x
mozilla / thunderbird	3.1.8	3.1.8.x
mozilla / thunderbird	2.0.0.4	2.0.0.4.x
mozilla / thunderbird	3.0.9	3.0.9.x
mozilla / thunderbird	2.0.0.6	2.0.0.6.x
mozilla / thunderbird	0.3	0.3.x
mozilla / thunderbird	2.0.0.21	2.0.0.21.x
mozilla / thunderbird	3.0.1	3.0.1.x
mozilla / thunderbird	3.1.7	3.1.7.x
mozilla / thunderbird	0.2	0.2.x
mozilla / thunderbird	3.1.2	3.1.2.x
mozilla / thunderbird	3.1.9	3.1.9.x
mozilla / thunderbird	3.1.1	3.1.1.x
mozilla / thunderbird	1.0.7	1.0.7.x
mozilla / thunderbird	2.0.0.18	2.0.0.18.x
mozilla / thunderbird	2.0.0.9	2.0.0.9.x
mozilla / thunderbird	2.0.0.16	2.0.0.16.x
mozilla / thunderbird	2.0.0.8	2.0.0.8.x
mozilla / thunderbird	2.0.0.7	2.0.0.7.x
mozilla / thunderbird	1.7.1	1.7.1.x
mozilla / thunderbird	1.5.0.3	1.5.0.3.x
mozilla / thunderbird	1.5.0.10	1.5.0.10.x
mozilla / thunderbird	1.5.0.5	1.5.0.5.x
mozilla / thunderbird	3.1.4	3.1.4.x
mozilla / thunderbird	1.5.0.6	1.5.0.6.x
mozilla / thunderbird	1.0	1.0.x
mozilla / thunderbird	3.0.7	3.0.7.x
mozilla / thunderbird	2.0.0.3	2.0.0.3.x
mozilla / thunderbird	3.0.6	3.0.6.x
mozilla / thunderbird	1.0.1	1.0.1.x
mozilla / thunderbird	1.5-beta2	1.5-beta2.x
mozilla / thunderbird	2.0.0.2	2.0.0.2.x
mozilla / thunderbird	3.0.10	3.0.10.x
mozilla / thunderbird	3.0.3	3.0.3.x
mozilla / thunderbird	1.0.2	1.0.2.x
mozilla / thunderbird	2.0.0.0	2.0.0.0.x
mozilla / thunderbird	1.5.0.13	1.5.0.13.x
mozilla / thunderbird	3.1.5	3.1.5.x
mozilla / thunderbird	3.0.11	3.0.11.x
mozilla / thunderbird	2.0.0.12	2.0.0.12.x
mozilla / thunderbird	2.0.0.22	2.0.0.22.x
mozilla / thunderbird	1.5	1.5.x
mozilla / thunderbird	1.5.0.2	1.5.0.2.x
mozilla / thunderbird	1.5.0.8	1.5.0.8.x
mozilla / thunderbird	2.0.0.14	2.0.0.14.x
mozilla / thunderbird	3.0.4	3.0.4.x
mozilla / thunderbird	0.5	0.5.x
mozilla / thunderbird	1.0.4	1.0.4.x
mozilla / thunderbird	1.5.2	1.5.2.x
mozilla / thunderbird	2.0.0.17	2.0.0.17.x
mozilla / thunderbird	2.0.0.23	2.0.0.23.x
mozilla / thunderbird	1.5.0.9	1.5.0.9.x
mozilla / thunderbird	1.5.0.11	1.5.0.11.x
mozilla / thunderbird	0.9	0.9.x
mozilla / thunderbird	1.0.3	1.0.3.x
mozilla / thunderbird	2.0	2.0.x
mozilla / thunderbird	3.0	3.0.x
mozilla / thunderbird	1.5.0.12	1.5.0.12.x
mozilla / thunderbird	0.7.3	0.7.3.x
mozilla / thunderbird	0.4	0.4.x
mozilla / thunderbird	1.5.1	1.5.1.x
mozilla / thunderbird	0.7	0.7.x
mozilla / thunderbird	1.5.0.14	1.5.0.14.x
mozilla / thunderbird	3.1	3.1.x
mozilla / thunderbird	1.0.6	1.0.6.x
mozilla / thunderbird	3.1.3	3.1.3.x
mozilla / thunderbird	2.0.0.5	2.0.0.5.x
mozilla / thunderbird	3.1.6	3.1.6.x
mozilla / thunderbird	1.7.3	1.7.3.x
mozilla / thunderbird	2.0.0.1	2.0.0.1.x
mozilla / thunderbird	1.5.0.1	1.5.0.1.x
mozilla / thunderbird	1.0.8	1.0.8.x
mozilla / thunderbird	0.1	0.1.x
mozilla / thunderbird	-	3.1.10.x
mozilla / thunderbird	0.7.1	0.7.1.x
mozilla / thunderbird	1.0.5	1.0.5.x
mozilla / thunderbird	0.8	0.8.x
mozilla / thunderbird	3.0.2	3.0.2.x
mozilla / thunderbird	2.0.0.19	2.0.0.19.x
mozilla / thunderbird	1.5.0.4	1.5.0.4.x
mozilla / firefox	4.0-beta6	4.0-beta6.x
mozilla / firefox	4.0-beta1	4.0-beta1.x
mozilla / firefox	4.0-beta9	4.0-beta9.x
mozilla / firefox	4.0-beta5	4.0-beta5.x
mozilla / firefox	4.0-beta8	4.0-beta8.x
mozilla / firefox	4.0-beta12	4.0-beta12.x
mozilla / firefox	4.0-beta3	4.0-beta3.x
mozilla / firefox	4.0-beta2	4.0-beta2.x
mozilla / firefox	4.0-beta4	4.0-beta4.x
mozilla / firefox	4.0-beta10	4.0-beta10.x
mozilla / firefox	4.0	4.0.x
mozilla / firefox	4.0-beta11	4.0-beta11.x
mozilla / firefox	4.0-beta7	4.0-beta7.x
mozilla / firefox	4.0.1	4.0.1.x

Vulnerability Database

314,372

CVE-2011-2373

Deep Security Visibility Without the Complexity