VulnerableCode Vulnerability Details - VCID-9k2x-xwkt-c3cw

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-9k2x-xwkt-c3cw

Essentials
Severities (9)
References (13)
Severity details (1)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-9k2x-xwkt-c3cw
Aliases	CVE-2011-2999
Summary	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

System	Score	Found at
epss	0.00722	https://api.first.org/data/v1/epss?cve=CVE-2011-2999
epss	0.00722	https://api.first.org/data/v1/epss?cve=CVE-2011-2999
epss	0.00722	https://api.first.org/data/v1/epss?cve=CVE-2011-2999
epss	0.00722	https://api.first.org/data/v1/epss?cve=CVE-2011-2999
epss	0.00722	https://api.first.org/data/v1/epss?cve=CVE-2011-2999
epss	0.00722	https://api.first.org/data/v1/epss?cve=CVE-2011-2999
epss	0.00722	https://api.first.org/data/v1/epss?cve=CVE-2011-2999
epss	0.00722	https://api.first.org/data/v1/epss?cve=CVE-2011-2999
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2011-38

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2999.json
		https://api.first.org/data/v1/epss?cve=CVE-2011-2999
741904		https://bugzilla.redhat.com/show_bug.cgi?id=741904
CVE-2011-2999		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2999
GLSA-201301-01		https://security.gentoo.org/glsa/201301-01
mfsa2011-38		https://www.mozilla.org/en-US/security/advisories/mfsa2011-38
RHSA-2011:1341		https://access.redhat.com/errata/RHSA-2011:1341
RHSA-2011:1342		https://access.redhat.com/errata/RHSA-2011:1342
RHSA-2011:1343		https://access.redhat.com/errata/RHSA-2011:1343
RHSA-2011:1344		https://access.redhat.com/errata/RHSA-2011:1344
USN-1210-1		https://usn.ubuntu.com/1210-1/
USN-1213-1		https://usn.ubuntu.com/1213-1/
USN-1222-1		https://usn.ubuntu.com/1222-1/

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.72465
EPSS Score	0.00722
Published At	April 7, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:08:15.387082+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201301-01	38.0.0