What is the severity of CVE-2011-1712?

CVE-2011-1712 is classified as a medium severity vulnerability that allows remote attackers to gain potentially sensitive information from heap memory.

How do I fix CVE-2011-1712?

To fix CVE-2011-1712, upgrade Mozilla Firefox to versions 3.5.19 or newer, 3.6.17 or newer, or 4.0.1 or newer.

Which versions of Firefox are affected by CVE-2011-1712?

CVE-2011-1712 affects various versions of Firefox including, but not limited to, 2.0.0.12 and earlier, all 3.0.x versions, and versions up to 3.5.18.

Is SeaMonkey also vulnerable to CVE-2011-1712?

Yes, SeaMonkey versions prior to 2.0.14 are affected by CVE-2011-1712 and should be updated.

What type of information can be leaked due to CVE-2011-1712?

CVE-2011-1712 can potentially leak sensitive information contained in heap memory, which could be exploited by attackers.

Vulnerability/
CVE-2011-1712

medium

4.3

CWE

200

15/4/2011

6/8/2024

CVE-2011-1712: Infoleak

First published: Fri Apr 15 2011(Updated: )

The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Mozilla Firefox	=2.0.0.12
Mozilla Firefox	=1.5-beta2
Mozilla Firefox	=3.0.17
Mozilla Firefox	=3.5.3
Mozilla Firefox	=3.0.7
Mozilla Firefox	=1.5.2
Mozilla Firefox	=3.0.9
Mozilla Firefox	=1.5.0.6
Mozilla Firefox	=2.0.0.2
Mozilla Firefox	=1.5.0.10
Mozilla Firefox	<=3.5.18
Mozilla Firefox	=1.5.0.3
Mozilla Firefox	=3.5.6
Mozilla Firefox	=3.0.8
Mozilla Firefox	=1.5.0.11
Mozilla Firefox	=1.5.4
Mozilla Firefox	=1.0.2
Mozilla Firefox	=3.5
Mozilla Firefox	=3.5.5
Mozilla Firefox	=3.0.4
Mozilla Firefox	=1.5-beta1
Mozilla Firefox	=3.5.9
Mozilla Firefox	=3.5.4
Mozilla Firefox	=3.5.7
Mozilla Firefox	=3.0.5
Mozilla Firefox	=3.5.11
Mozilla Firefox	=1.5
Mozilla Firefox	=3.5.14
Mozilla Firefox	=1.0.4
Mozilla Firefox	=2.0.0.7
Mozilla Firefox	=1.0.7
Mozilla Firefox	=3.5.10
Mozilla Firefox	=3.5.1
Mozilla Firefox	=2.0.0.9
Mozilla Firefox	=3.0.14
Mozilla Firefox	=3.5.2
Mozilla Firefox	=2.0.0.16
Mozilla Firefox	=1.5.6
Mozilla Firefox	=2.0.0.17
Mozilla Firefox	=2.0.0.15
Mozilla Firefox	=3.0.10
Mozilla Firefox	=3.0.12
Mozilla Firefox	=1.0
Mozilla Firefox	=3.0.3
Mozilla Firefox	=1.5.0.7
Mozilla Firefox	=2.0
Mozilla Firefox	=1.0.1
Mozilla Firefox	=3.5.17
Mozilla Firefox	=2.0.0.14
Mozilla Firefox	=3.0.6
Mozilla Firefox	=3.0.15
Mozilla Firefox	=1.5.0.8
Mozilla Firefox	=2.0.0.3
Mozilla Firefox	=3.5.12
Mozilla Firefox	=1.5.0.9
Mozilla Firefox	=1.5.0.5
Mozilla Firefox	=1.5.7
Mozilla Firefox	=1.5.0.12
Mozilla Firefox	=2.0.0.6
Mozilla Firefox	=3.0
Mozilla Firefox	=2.0.0.11
Mozilla Firefox	=1.5.0.2
Mozilla Firefox	=1.0.3
Mozilla Firefox	=3.0.1
Mozilla Firefox	=2.0.0.4
Mozilla Firefox	=1.5.1
Mozilla Firefox	=2.0.0.13
Mozilla Firefox	=2.0.0.18
Mozilla Firefox	=3.5.13
Mozilla Firefox	=2.0.0.1
Mozilla Firefox	=3.0.2
Mozilla Firefox	=3.5.8
Mozilla Firefox	=1.5.5
Mozilla Firefox	=1.0-preview_release
Mozilla Firefox	=3.5.15
Mozilla Firefox	=2.0.0.20
Mozilla Firefox	=2.0.0.8
Mozilla Firefox	=2.0.0.19
Mozilla Firefox	=1.5.8
Mozilla Firefox	=1.5.3
Mozilla Firefox	=1.5.0.4
Mozilla Firefox	=1.5.0.1
Mozilla Firefox	=3.0.13
Mozilla Firefox	=3.5.16
Mozilla Firefox	=1.0.5
Mozilla Firefox	=2.0.0.5
Mozilla Firefox	=2.0.0.10
Mozilla Firefox	=1.0.6
Mozilla Firefox	=3.0.16
Mozilla Firefox	=1.0.8
Mozilla Firefox	=3.0.11
Mozilla Firefox	=3.6.2
Mozilla Firefox	=3.6.3
Mozilla Firefox	=3.6.15
Mozilla Firefox	=3.6.11
Mozilla Firefox	=3.6.8
Mozilla Firefox	=3.6.9
Mozilla Firefox	=3.6.14
Mozilla Firefox	=3.6.12
Mozilla Firefox	=3.6.6
Mozilla Firefox	=3.6.16
Mozilla Firefox	=3.6.10
Mozilla Firefox	=3.6.7
Mozilla Firefox	=3.6.4
Mozilla Firefox	=3.6
Mozilla Firefox	=3.6.13
Mozilla Firefox	=4.0-beta1
Mozilla SeaMonkey	=2.0.10
Mozilla SeaMonkey	=1.1.10
Mozilla SeaMonkey	=1.0.3
Mozilla SeaMonkey	=1.1.8
Mozilla SeaMonkey	=1.0.1
Mozilla SeaMonkey	=1.1.7
Mozilla SeaMonkey	=1.5.0.10
Mozilla SeaMonkey	=1.0.6
Mozilla SeaMonkey	=1.0.9
Mozilla SeaMonkey	=1.1.3
Mozilla SeaMonkey	=2.0.4
Mozilla SeaMonkey	=1.0
Mozilla SeaMonkey	=2.0.3
Mozilla SeaMonkey	=2.0.2
Mozilla SeaMonkey	=1.1.17
Mozilla SeaMonkey	=1.1.5
Mozilla SeaMonkey	=2.0.8
Mozilla SeaMonkey	=1.0.7
Mozilla SeaMonkey	=1.0-beta
Mozilla SeaMonkey	=1.1-alpha
Mozilla SeaMonkey	<=2.0.13
Mozilla SeaMonkey	=1.0-alpha
Mozilla SeaMonkey	=1.1.12
Mozilla SeaMonkey	=2.0.12
Mozilla SeaMonkey	=1.1
Mozilla SeaMonkey	=1.1.14
Mozilla SeaMonkey	=2.0.11
Mozilla SeaMonkey	=1.1.2
Mozilla SeaMonkey	=1.0.2
Mozilla SeaMonkey	=1.0.8
Mozilla SeaMonkey	=1.1.11
Mozilla SeaMonkey	=1.5.0.9
Mozilla SeaMonkey	=1.1-beta
Mozilla SeaMonkey	=1.1.1
Mozilla SeaMonkey	=2.0.9
Mozilla SeaMonkey	=1.5.0.8
Mozilla SeaMonkey	=2.0.1
Mozilla SeaMonkey	=1.0.5
Mozilla SeaMonkey	=1.1.15
Mozilla SeaMonkey	=1.1.6
Mozilla SeaMonkey	=2.0.7
Mozilla SeaMonkey	=1.1.16
Mozilla SeaMonkey	=1.1.19
Mozilla SeaMonkey	=2.0.5
Mozilla SeaMonkey	=1.0.4
Mozilla SeaMonkey	=1.1.9
Mozilla SeaMonkey	=1.1.13
Mozilla SeaMonkey	=1.1.18
Mozilla SeaMonkey	=2.0.6
Mozilla SeaMonkey	=1.1.4

Remedy

https://bugzilla.mozilla.org/show_bug.cgi?id=640339

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-1712?
CVE-2011-1712 is classified as a medium severity vulnerability that allows remote attackers to gain potentially sensitive information from heap memory.
How do I fix CVE-2011-1712?
To fix CVE-2011-1712, upgrade Mozilla Firefox to versions 3.5.19 or newer, 3.6.17 or newer, or 4.0.1 or newer.
Which versions of Firefox are affected by CVE-2011-1712?
CVE-2011-1712 affects various versions of Firefox including, but not limited to, 2.0.0.12 and earlier, all 3.0.x versions, and versions up to 3.5.18.
Is SeaMonkey also vulnerable to CVE-2011-1712?
Yes, SeaMonkey versions prior to 2.0.14 are affected by CVE-2011-1712 and should be updated.
What type of information can be leaked due to CVE-2011-1712?
CVE-2011-1712 can potentially leak sensitive information contained in heap memory, which could be exploited by attackers.

agent/type
agent/softwarecombine
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
agent/references
agent/author
agent/weakness
agent/severity
agent/remedy
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/tags
agent/first-publish-date
agent/event
agent/source
vendor/mozilla
canonical/mozilla firefox
version/mozilla firefox/2.0.0.12
version/mozilla firefox/1.5-beta2
version/mozilla firefox/3.0.17
version/mozilla firefox/3.5.3
version/mozilla firefox/3.0.7
version/mozilla firefox/1.5.2
version/mozilla firefox/3.0.9
version/mozilla firefox/1.5.0.6
version/mozilla firefox/2.0.0.2
version/mozilla firefox/1.5.0.10
version/mozilla firefox/3.5.18
version/mozilla firefox/1.5.0.3
version/mozilla firefox/3.5.6
version/mozilla firefox/3.0.8
version/mozilla firefox/1.5.0.11
version/mozilla firefox/1.5.4
version/mozilla firefox/1.0.2
version/mozilla firefox/3.5
version/mozilla firefox/3.5.5
version/mozilla firefox/3.0.4
version/mozilla firefox/1.5-beta1
version/mozilla firefox/3.5.9
version/mozilla firefox/3.5.4
version/mozilla firefox/3.5.7
version/mozilla firefox/3.0.5
version/mozilla firefox/3.5.11
version/mozilla firefox/1.5
version/mozilla firefox/3.5.14
version/mozilla firefox/1.0.4
version/mozilla firefox/2.0.0.7
version/mozilla firefox/1.0.7
version/mozilla firefox/3.5.10
version/mozilla firefox/3.5.1
version/mozilla firefox/2.0.0.9
version/mozilla firefox/3.0.14
version/mozilla firefox/3.5.2
version/mozilla firefox/2.0.0.16
version/mozilla firefox/1.5.6
version/mozilla firefox/2.0.0.17
version/mozilla firefox/2.0.0.15
version/mozilla firefox/3.0.10
version/mozilla firefox/3.0.12
version/mozilla firefox/1.0
version/mozilla firefox/3.0.3
version/mozilla firefox/1.5.0.7
version/mozilla firefox/2.0
version/mozilla firefox/1.0.1
version/mozilla firefox/3.5.17
version/mozilla firefox/2.0.0.14
version/mozilla firefox/3.0.6
version/mozilla firefox/3.0.15
version/mozilla firefox/1.5.0.8
version/mozilla firefox/2.0.0.3
version/mozilla firefox/3.5.12
version/mozilla firefox/1.5.0.9
version/mozilla firefox/1.5.0.5
version/mozilla firefox/1.5.7
version/mozilla firefox/1.5.0.12
version/mozilla firefox/2.0.0.6
version/mozilla firefox/3.0
version/mozilla firefox/2.0.0.11
version/mozilla firefox/1.5.0.2
version/mozilla firefox/1.0.3
version/mozilla firefox/3.0.1
version/mozilla firefox/2.0.0.4
version/mozilla firefox/1.5.1
version/mozilla firefox/2.0.0.13
version/mozilla firefox/2.0.0.18
version/mozilla firefox/3.5.13
version/mozilla firefox/2.0.0.1
version/mozilla firefox/3.0.2
version/mozilla firefox/3.5.8
version/mozilla firefox/1.5.5
version/mozilla firefox/1.0-preview_release
version/mozilla firefox/3.5.15
version/mozilla firefox/2.0.0.20
version/mozilla firefox/2.0.0.8
version/mozilla firefox/2.0.0.19
version/mozilla firefox/1.5.8
version/mozilla firefox/1.5.3
version/mozilla firefox/1.5.0.4
version/mozilla firefox/1.5.0.1
version/mozilla firefox/3.0.13
version/mozilla firefox/3.5.16
version/mozilla firefox/1.0.5
version/mozilla firefox/2.0.0.5
version/mozilla firefox/2.0.0.10
version/mozilla firefox/1.0.6
version/mozilla firefox/3.0.16
version/mozilla firefox/1.0.8
version/mozilla firefox/3.0.11
version/mozilla firefox/3.6.2
version/mozilla firefox/3.6.3
version/mozilla firefox/3.6.15
version/mozilla firefox/3.6.11
version/mozilla firefox/3.6.8
version/mozilla firefox/3.6.9
version/mozilla firefox/3.6.14
version/mozilla firefox/3.6.12
version/mozilla firefox/3.6.6
version/mozilla firefox/3.6.16
version/mozilla firefox/3.6.10
version/mozilla firefox/3.6.7
version/mozilla firefox/3.6.4
version/mozilla firefox/3.6
version/mozilla firefox/3.6.13
version/mozilla firefox/4.0-beta1
canonical/mozilla seamonkey
version/mozilla seamonkey/2.0.10
version/mozilla seamonkey/1.1.10
version/mozilla seamonkey/1.0.3
version/mozilla seamonkey/1.1.8
version/mozilla seamonkey/1.0.1
version/mozilla seamonkey/1.1.7
version/mozilla seamonkey/1.5.0.10
version/mozilla seamonkey/1.0.6
version/mozilla seamonkey/1.0.9
version/mozilla seamonkey/1.1.3
version/mozilla seamonkey/2.0.4
version/mozilla seamonkey/1.0
version/mozilla seamonkey/2.0.3
version/mozilla seamonkey/2.0.2
version/mozilla seamonkey/1.1.17
version/mozilla seamonkey/1.1.5
version/mozilla seamonkey/2.0.8
version/mozilla seamonkey/1.0.7
version/mozilla seamonkey/1.0-beta
version/mozilla seamonkey/1.1-alpha
version/mozilla seamonkey/2.0.13
version/mozilla seamonkey/1.0-alpha
version/mozilla seamonkey/1.1.12
version/mozilla seamonkey/2.0.12
version/mozilla seamonkey/1.1
version/mozilla seamonkey/1.1.14
version/mozilla seamonkey/2.0.11
version/mozilla seamonkey/1.1.2
version/mozilla seamonkey/1.0.2
version/mozilla seamonkey/1.0.8
version/mozilla seamonkey/1.1.11
version/mozilla seamonkey/1.5.0.9
version/mozilla seamonkey/1.1-beta
version/mozilla seamonkey/1.1.1
version/mozilla seamonkey/2.0.9
version/mozilla seamonkey/1.5.0.8
version/mozilla seamonkey/2.0.1
version/mozilla seamonkey/1.0.5
version/mozilla seamonkey/1.1.15
version/mozilla seamonkey/1.1.6
version/mozilla seamonkey/2.0.7
version/mozilla seamonkey/1.1.16
version/mozilla seamonkey/1.1.19
version/mozilla seamonkey/2.0.5
version/mozilla seamonkey/1.0.4
version/mozilla seamonkey/1.1.9
version/mozilla seamonkey/1.1.13
version/mozilla seamonkey/1.1.18
version/mozilla seamonkey/2.0.6
version/mozilla seamonkey/1.1.4

CVE-2011-1712: Infoleak

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-1712?

How do I fix CVE-2011-1712?

Which versions of Firefox are affected by CVE-2011-1712?

Is SeaMonkey also vulnerable to CVE-2011-1712?

What type of information can be leaked due to CVE-2011-1712?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2011-1712?

How do I fix CVE-2011-1712?

Which versions of Firefox are affected by CVE-2011-1712?

Is SeaMonkey also vulnerable to CVE-2011-1712?

What type of information can be leaked due to CVE-2011-1712?