CVE-2011-3655
Description
Mozilla Firefox 4-7 and Thunderbird 5-7 fail to check NoWaiverWrapper in privilege checks, allowing remote attackers to gain elevated privileges via a crafted site.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
Mozilla Firefox versions 4.x through 7.0 and Thunderbird 5.0 through 7.0 contain an access control flaw in which the internal privilege check fails to respect the NoWaiverWrapper object [1]. This wrapper, introduced in Firefox 4, is designed to restrict privilege escalation for web content; however, the check was omitted, allowing crafted web content to bypass security boundaries [1][2].
Exploitation
An attacker can exploit this vulnerability by hosting a specially crafted web page that, when visited by a user running an affected version of Firefox or Thunderbird, triggers the privilege escalation without needing any additional authentication or user interaction beyond the page visit [1]. The flaw does not require a specific network position beyond standard web delivery.
Impact
Successful exploitation allows the attacker to gain elevated privileges within the browser, potentially leading to arbitrary code execution, reading of local files, or installation of malicious software [1]. The impact is critical, as it provides the attacker with the same level of access as the browser process.
Mitigation
Mozilla addressed this vulnerability in Firefox 8, SeaMonkey 2.5, and Thunderbird 8, released on November 8, 2011 [1]. Users should upgrade to these fixed versions or later. No workarounds are available for earlier versions. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (30)
- cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*
- (no CPE) range: >=4.0, <=7.0
- cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*
- (no CPE) range: >=5.0, <=7.0
- osv-coords (3 versions): pkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweed, pkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed, pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweed
- (no CPE) range: < 128.5.1-1.1
- (no CPE) range: < 50.1.0-1.1
- (no CPE) range: < 45.5.1-1.1
Patches (0)
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References (5)
News mentions (0)
No linked articles in our index yet.