Vulnerability Database

296,223

Total vulnerabilities in the database

CVE-2011-2993

The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801.

  • Published: Aug 18, 2011
  • Updated: Apr 13, 2023
  • CVE: CVE-2011-2993
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
mozilla / firefox 4.0-beta6 4.0-beta6.x
mozilla / firefox 4.0-beta1 4.0-beta1.x
mozilla / firefox 4.0-beta9 4.0-beta9.x
mozilla / firefox 4.0-beta5 4.0-beta5.x
mozilla / firefox 4.0-beta8 4.0-beta8.x
mozilla / firefox 4.0-beta12 4.0-beta12.x
mozilla / firefox 4.0-beta3 4.0-beta3.x
mozilla / firefox 5.0 5.0.x
mozilla / firefox 4.0-beta2 4.0-beta2.x
mozilla / firefox 4.0-beta4 4.0-beta4.x
mozilla / firefox 4.0-beta10 4.0-beta10.x
mozilla / firefox 4.0 4.0.x
mozilla / firefox 4.0-beta11 4.0-beta11.x
mozilla / firefox 4.0-beta7 4.0-beta7.x
mozilla / firefox 4.0.1 4.0.1.x
mozilla / seamonkey 2.0.10 2.0.10.x
mozilla / seamonkey 2.0.4 2.0.4.x
mozilla / seamonkey 2.1-alpha2 2.1-alpha2.x
mozilla / seamonkey 2.0.3 2.0.3.x
mozilla / seamonkey 2.0.2 2.0.2.x
mozilla / seamonkey 2.0-alpha_2 2.0-alpha_2.x
mozilla / seamonkey 2.0.8 2.0.8.x
mozilla / seamonkey 2.0-rc2 2.0-rc2.x
mozilla / seamonkey 2.0-alpha_3 2.0-alpha_3.x
mozilla / seamonkey 2.0.11 2.0.11.x
mozilla / seamonkey 2.0-beta_2 2.0-beta_2.x
mozilla / seamonkey 2.0-alpha_1 2.0-alpha_1.x
mozilla / seamonkey 2.0.9 2.0.9.x
mozilla / seamonkey 2.1-alpha1 2.1-alpha1.x
mozilla / seamonkey 2.0.1 2.0.1.x
mozilla / seamonkey 2.0.7 2.0.7.x
mozilla / seamonkey 2.0-beta_1 2.0-beta_1.x
mozilla / seamonkey 2.0.5 2.0.5.x
mozilla / seamonkey 2.0-rc1 2.0-rc1.x
mozilla / seamonkey 2.0.6 2.0.6.x
mozilla / seamonkey 2.1-alpha3 2.1-alpha3.x
mozilla / seamonkey 2.0 2.0.x