CVE-2011-2371

EPSS 86.21% · P99 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-2371

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Mozilla Firefox/Thunderbird/SeaMonkey 'Array.reduceRight()'整数溢出漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Firefox是一款非常流行的开源WEB浏览器。Thunderbird是一个邮件客户端，支持IMAP、POP邮件协议以及HTML邮件格式。SeaMonkey是开源的Web浏览器、邮件和新闻组客户端、IRC会话客户端和HTML编辑器。 Mozilla Firefox，Thunderbird和SeaMonkey的“Array.reduceRight()”函数中存在整数溢出漏洞。远程攻击者可借助超长JavaScript数组对象在易受攻击的应用程序上下文中执行任意代码，导致受影响的应用程序崩溃，并获取潜在敏感信息

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2011-2371

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2011-2371

请登录查看更多情报信息。

http://www.mozilla.org/security/announce/2011/mfsa2011-22.htmlx_refsource_CONFIRM
https://bugzilla.mozilla.org/show_bug.cgi?id=664009x_refsource_CONFIRM
http://support.avaya.com/css/P8/documents/100144854x_refsource_CONFIRM
http://support.avaya.com/css/P8/documents/100145333x_refsource_CONFIRM
http://securityreason.com/securityalert/8472third-party-advisoryx_refsource_SREASON
http://secunia.com/advisories/45002third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2011/dsa-2268vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2011/dsa-2273vendor-advisoryx_refsource_DEBIAN
[SECURITY] [DSA 2269-1] iceape security updatevendor-advisoryx_refsource_DEBIAN
http://www.ubuntu.com/usn/USN-1149-1vendor-advisoryx_refsource_UBUNTU
http://www.mandriva.com/security/advisories?name=MDVSA-2011:111vendor-advisoryx_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2011-0887.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2011-0888.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2011-0885.htmlvendor-advisoryx_refsource_REDHAT
[security-announce] SUSE Security Announcement: MozillaFirefox,MozillaThunderbird (SUSE-SA:2011:028) - openSUSE Security Announce - openSUSE Mailing Listsvendor-advisoryx_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13987vdb-entrysignaturex_refsource_OVAL
https://nvd.nist.gov/vuln/detail/CVE-2011-2371

Same Patch Batch · n/a · 2011-06-30 · 33 CVEs total

CVE-2011-2606		IBM Rational Team Concert Web UI跨站脚本攻击漏洞
CVE-2011-2604		Intel G41驱动程序拒绝服务漏洞
CVE-2011-2603		NVIDIA 9400M驱动程序拒绝服务漏洞
CVE-2011-2602		NVIDIA Geforce 310驱动程序拒绝服务漏洞
CVE-2011-2601		Apple Mac OS X GPU支持功能权限许可和访问控制漏洞
CVE-2011-2600		Microsoft Windows XP GPU支持功能权限许可和访问控制漏洞
CVE-2011-2599		Google Chrome信息泄露漏洞
CVE-2011-2598		Mozilla Firefox WebGL实现信息泄露漏洞
CVE-2011-2366		Mozilla Firefox Gecko WebGL越界读取信息泄露漏洞
CVE-2011-2197		Ruby on Rails跨站脚本攻击漏洞
CVE-2009-5082		GNU troff后置链接漏洞
CVE-2009-5081		GNU troff后置链接漏洞
CVE-2009-5080		GNU troff后置链接漏洞
CVE-2009-5079		GNU troff后置链接漏洞
CVE-2009-5078		GNU troff contrib/pdfmark/pdfroff.sh设计错误漏洞
CVE-2011-2607		IBM Rational Team Concert跨站脚本攻击漏洞
CVE-2011-0083		Mozilla Firefox/Thunderbird/SeaMonkey SVG解析释放后使用漏洞
CVE-2011-2605		Mozilla Firefox和Thunderbird CRLF注入漏洞
CVE-2011-2377		Mozilla Firefox/Thunderbird/SeaMonkey远程内存破坏漏洞
CVE-2011-2376		Mozilla Firefox和Thunderbird浏览器引擎内存破坏漏洞

Showing top 20 of 33 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2011-2371

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2011-2371

I. Basic Information for CVE-2011-2371

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2011-2371

III. Intelligence Information for CVE-2011-2371

Same Patch Batch · n/a · 2011-06-30 · 33 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2011-2371

Leave a comment