CVE-2011-0341
critical
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
9.3
Description
Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
References
- http://secunia.com/advisories/43739
- http://secunia.com/secunia_research/2011-38/
- http://www.osvdb.org/72177
- http://www.securityfocus.com/bid/47739
- http://www.vupen.com/english/advisories/2011/1191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67298
- http://secunia.com/advisories/43739
- http://secunia.com/secunia_research/2011-38/
- http://www.osvdb.org/72177
- http://www.securityfocus.com/bid/47739
- http://www.vupen.com/english/advisories/2011/1191
- https://bugs.ghostscript.com/show_bug.cgi?id=708029
- https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=d2de9cee6036b997e536a0c0384b88b38e523e56
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67298
CWEs
CWE-119
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.