{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-08-16T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-31.html"}, {"name": "oval:org.mitre.oval:def:14270", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14270"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-33.html"}, {"name": "SUSE-SA:2011:037", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html"}, {"name": "49055", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/49055"}, {"name": "49242", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/49242"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=665936"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-29.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-2988", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.mozilla.org/security/announce/2011/mfsa2011-31.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-31.html"}, {"name": "oval:org.mitre.oval:def:14270", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14270"}, {"name": "http://www.mozilla.org/security/announce/2011/mfsa2011-33.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-33.html"}, {"name": "SUSE-SA:2011:037", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html"}, {"name": "49055", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/49055"}, {"name": "49242", "refsource": "BID", "url": "http://www.securityfocus.com/bid/49242"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=665936", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=665936"}, {"name": "http://www.mozilla.org/security/announce/2011/mfsa2011-29.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-29.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:22:26.000Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-31.html"}, {"name": "oval:org.mitre.oval:def:14270", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14270"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-33.html"}, {"name": "SUSE-SA:2011:037", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html"}, {"name": "49055", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/49055"}, {"name": "49242", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/49242"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=665936"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-29.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-2988", "datePublished": "2011-08-18T18:00:00", "dateReserved": "2011-08-01T00:00:00", "dateUpdated": "2024-08-06T23:22:26.000Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C69962C4-FA56-47F2-82A4-DFF4C19DAF3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B7BC1684-3634-4585-B7E6-8C8777E1DA0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "matchCriteriaId": "A490D040-EF74-45C2-89ED-D88ADD222712", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "matchCriteriaId": "6CDA17D1-CD93-401E-860C-7C3291FEEB7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "matchCriteriaId": "6F72FDE3-54E0-48E4-9015-1B8A36DB1EC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "4062C901-3828-415B-A6C3-EDD0E7B20C0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "CC0D8730-7034-4AD6-9B05-F8BAFB0145EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "857AFB05-F0C1-4061-9680-9561D68C908F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "EC37EBAF-C979-4ACC-ACA9-BDC2AECCB0D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "matchCriteriaId": "80801CD8-EEAF-4BC4-9085-DCCC6CF73076", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "matchCriteriaId": "FAF4C78A-5093-4871-AF69-A8E8FD7E1AAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "matchCriteriaId": "560AD4C7-89D2-4323-BBCC-A89EEB6832CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "matchCriteriaId": "6B389CBC-4F6C-4C17-A87B-A6DD92703A10", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "DDFBA043-91BC-4FB5-A34D-FCE1A9C65A88", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8901A808-66F1-4501-AFF6-6FBB22852855", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "58EB8E8A-84DE-43AA-B8F0-B585FB73D724", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*", "matchCriteriaId": "C19C0BF7-390D-4E2E-BA32-28DFF73C55F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*", "matchCriteriaId": "5FE5E50C-80ED-4CA7-BC85-8BD2E324D527", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*", "matchCriteriaId": "FEBF912C-A12E-4DBD-84AC-8B440E190BCE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*", "matchCriteriaId": "9B8EDED6-29EF-4A9F-955D-F5E6611C2141", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*", "matchCriteriaId": "EDC9C82D-586A-48F4-B540-1E2AE79806B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "51FCF83B-630A-4413-BFAA-0C24A6B8F4F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "84B2AA0A-0220-49DD-82CD-37FDC563F146", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D754AF10-1E43-46C8-A444-E7DB3401509D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "34182167-F1DF-455B-BFDB-0A8491590479", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "B8ECA6CE-20D0-4A4F-B376-888A9328B044", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "1FEFCAB0-E57A-46E8-94C7-8510BB87C6B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "9FB5C972-AF7B-4EC7-BCE5-867CACCF5C19", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "C68DBB31-7804-446E-9A53-073E4B74E851", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "31ADCC51-CE05-4EB6-BE8F-B64FD62946A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "387390AE-CF25-47ED-BD36-F42455DE1A4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "78D5F0AD-9974-40A1-942F-0F03A278DAD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "2C388E6F-148E-4EA5-8D82-7778398122BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "1F1FEB21-60B1-4303-BE19-576CC93B940C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "37F07875-FB5E-4B13-9798-BF9AEBD8A2A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "87FD9961-DA1C-4846-A779-A836C07B98A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "4A40438F-0CF1-4A3E-BAC7-199D72901B53", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "20EB46CA-D5DD-4FA8-A234-21C938620F25", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*", "matchCriteriaId": "635FCE4C-2D15-4FB2-8917-D176B1539024", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*", "matchCriteriaId": "E59E74C2-38F2-4B7F-88C0-9919548713B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*", "matchCriteriaId": "DB6663ED-4643-4BB7-B281-706C7A0E10F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*", "matchCriteriaId": "E7E8003B-C319-4AD0-9D32-DA05346869C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*", "matchCriteriaId": "E60060B4-2301-497E-B03B-3DF3FBF159AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*", "matchCriteriaId": "4983E235-19E8-4315-977B-E74CD0BD5F09", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "5C0D4ECE-209E-4919-B31C-D8BCCEABC759", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "B02ED302-0410-4F21-99C5-613DF719E7E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C298DB-767F-4703-B2DD-6499A11CEC28", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.2:beta1:*:*:*:*:*:*", "matchCriteriaId": "46A3F5F4-CD81-4970-9A1B-38CC0308D450", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.2:beta2:*:*:*:*:*:*", "matchCriteriaId": "799A7D47-5A5B-4B4A-A462-8A488E04F5D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:2.2:beta3:*:*:*:*:*:*", "matchCriteriaId": "EB80610A-8A8A-4383-817D-9179D755165C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "2DB30B17-1CD7-49B4-9A30-3858211587DE", "versionEndIncluding": "5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader."}, {"lang": "es", "value": "Desbordamiento de buffer en una clase string no especificada en la implementaci\u00f3n WebGL shader en Mozilla Firefox 4.x hasta la versi\u00f3n 5, Thunderbird en versiones anteriores a 6, SeaMonkey 2.x en versiones anteriores a 2.3 y posiblemente otros productos permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un bloque de c\u00f3digo fuente largo en un shader."}], "id": "CVE-2011-2988", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-08-18T18:55:01.850", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/49055"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-29.html"}, {"source": "cve@mitre.org", "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-31.html"}, {"source": "cve@mitre.org", "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-33.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/49242"}, {"source": "cve@mitre.org", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=665936"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14270"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/49055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-29.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-31.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-33.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/49242"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=665936"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14270"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}