← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99

PublicDateAtUSN: 2011-08-17
Candidate: CVE-2011-2993
PublicDate: 2011-08-18
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2993
 http://www.ubuntu.com/usn/usn-1192-1
Description:
 The implementation of digital signatures for JAR files in Mozilla Firefox
 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does
 not prevent calls from unsigned JavaScript code to signed code, which
 allows remote attackers to bypass the Same Origin Policy and gain
 privileges via a crafted web site, a different vulnerability than
 CVE-2008-2801.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: micahg

Patches_firefox:
upstream_firefox: released (6.0)
hardy_firefox: ignored (uses system xulrunner)
lucid_firefox: not-affected
maverick_firefox: not-affected
natty_firefox: released (6.0+build1+nobinonly-0ubuntu0.11.04.1)
oneiric_firefox: not-affected
precise_firefox: not-affected
quantal_firefox: not-affected
devel_firefox: not-affected

Patches_firefox-3.0:
upstream_firefox-3.0: needs-triage (Ubuntu source uses 3.6.x)
hardy_firefox-3.0: ignored (reached end-of-life)
lucid_firefox-3.0: DNE
maverick_firefox-3.0: DNE
natty_firefox-3.0: DNE
oneiric_firefox-3.0: DNE
precise_firefox-3.0: DNE
quantal_firefox-3.0: DNE
devel_firefox-3.0: DNE

Patches_firefox-3.5:
upstream_firefox-3.5: needs-triage (Ubuntu source uses 3.6.x)
hardy_firefox-3.5: DNE
lucid_firefox-3.5: DNE
maverick_firefox-3.5: DNE
natty_firefox-3.5: DNE
oneiric_firefox-3.5: DNE
precise_firefox-3.5: DNE
quantal_firefox-3.5: DNE
devel_firefox-3.5: DNE


Patches_xulrunner-1.9.2:
upstream_xulrunner-1.9.2: not-affected
hardy_xulrunner-1.9.2: ignored (reached end-of-life)
lucid_xulrunner-1.9.2: not-affected
maverick_xulrunner-1.9.2: not-affected
natty_xulrunner-1.9.2: not-affected
oneiric_xulrunner-1.9.2: DNE
precise_xulrunner-1.9.2: DNE
quantal_xulrunner-1.9.2: DNE
devel_xulrunner-1.9.2: DNE

Patches_xulrunner-2.0:
upstream_xulrunner-2.0: needed
hardy_xulrunner-2.0: DNE
lucid_xulrunner-2.0: DNE
maverick_xulrunner-2.0: DNE
natty_xulrunner-2.0: ignored (reached end-of-life)
oneiric_xulrunner-2.0: DNE
precise_xulrunner-2.0: DNE
quantal_xulrunner-2.0: DNE
devel_xulrunner-2.0: DNE


Patches_seamonkey:
upstream_seamonkey: not-affected
hardy_seamonkey: ignored (reached end-of-life)
lucid_seamonkey: not-affected
maverick_seamonkey: not-affected
natty_seamonkey: not-affected
oneiric_seamonkey: not-affected
precise_seamonkey: DNE
quantal_seamonkey: DNE
devel_seamonkey: DNE


Patches_thunderbird:
upstream_thunderbird: not-affected
hardy_thunderbird: ignored (reached end-of-life)
lucid_thunderbird: not-affected
maverick_thunderbird: not-affected
natty_thunderbird: not-affected
oneiric_thunderbird: not-affected
precise_thunderbird: not-affected
quantal_thunderbird: not-affected
devel_thunderbird: not-affected