| ID |
CVE-2011-0991
|
| Summary |
Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to finalizing and then resurrecting a DynamicMethod instance. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*
cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*
cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*
cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*
cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 6.8 (as of 17-08-2017 - 01:33) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-399 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
| refmap
via4
|
| bid | 47208 | | confirm | | | mlist | - [opensuse-updates] 20110408 openSUSE-SU-2011:0313-1 (critical): moonlight security update
- [oss-security] 20110406 Moonlight release 2.4.1 with security fixes
| | secunia | | | vupen | ADV-2011-0904 | | xf | momo-dynamicmethod-code-execution(66626) |
|
| Last major update |
17-08-2017 - 01:33 |
| Published |
13-04-2011 - 21:55 |
| Last modified |
17-08-2017 - 01:33 |
