Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-0459
HistoryMar 14, 2012 - 7:55 p.m.

CVE-2012-0459

2012-03-1419:55:02
CWE-264
[email protected]
web.nvd.nist.gov
43
cve-2012-0459
cascading style sheets
mozilla firefox
firefox esr
thunderbird
thunderbird esr
seamonkey
denial of service
application crash
arbitrary code
remote attackers

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.7 High

AI Score

Confidence

High

0.155 Low

EPSS

Percentile

95.9%

JSON

The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe.

Affected configurations

NVD
Node
mozillafirefoxMatch4.0
OR
mozillafirefoxMatch4.0beta1
OR
mozillafirefoxMatch4.0beta10
OR
mozillafirefoxMatch4.0beta11
OR
mozillafirefoxMatch4.0beta12
OR
mozillafirefoxMatch4.0beta2
OR
mozillafirefoxMatch4.0beta3
OR
mozillafirefoxMatch4.0beta4
OR
mozillafirefoxMatch4.0beta5
OR
mozillafirefoxMatch4.0beta6
OR
mozillafirefoxMatch4.0beta7
OR
mozillafirefoxMatch4.0beta8
OR
mozillafirefoxMatch4.0beta9
OR
mozillafirefoxMatch4.0.1
OR
mozillafirefoxMatch5.0
OR
mozillafirefoxMatch5.0.1
OR
mozillafirefoxMatch6.0
OR
mozillafirefoxMatch6.0.1
OR
mozillafirefoxMatch6.0.2
OR
mozillafirefoxMatch7.0
OR
mozillafirefoxMatch7.0.1
OR
mozillafirefoxMatch8.0
OR
mozillafirefoxMatch8.0.1
OR
mozillafirefoxMatch9.0
OR
mozillafirefoxMatch9.0.1
Node
mozillafirefox_esrMatch10.0
OR
mozillafirefox_esrMatch10.1
OR
mozillafirefox_esrMatch10.2
Node
mozillathunderbirdMatch5.0
OR
mozillathunderbirdMatch6.0
OR
mozillathunderbirdMatch6.0.1
OR
mozillathunderbirdMatch6.0.2
OR
mozillathunderbirdMatch7.0
OR
mozillathunderbirdMatch7.0.1
OR
mozillathunderbirdMatch8.0
OR
mozillathunderbirdMatch9.0
OR
mozillathunderbirdMatch9.0.1
Node
mozillathunderbird_esrMatch10.0
OR
mozillathunderbird_esrMatch10.0.1
OR
mozillathunderbird_esrMatch10.0.2
Node
mozillaseamonkeyRange2.7beta5
OR
mozillaseamonkeyMatch1.0
OR
mozillaseamonkeyMatch1.0alpha
OR
mozillaseamonkeyMatch1.0beta
OR
mozillaseamonkeyMatch1.0.1
OR
mozillaseamonkeyMatch1.0.2
OR
mozillaseamonkeyMatch1.0.3
OR
mozillaseamonkeyMatch1.0.4
OR
mozillaseamonkeyMatch1.0.5
OR
mozillaseamonkeyMatch1.0.6
OR
mozillaseamonkeyMatch1.0.7
OR
mozillaseamonkeyMatch1.0.8
OR
mozillaseamonkeyMatch1.0.9
OR
mozillaseamonkeyMatch1.1
OR
mozillaseamonkeyMatch1.1alpha
OR
mozillaseamonkeyMatch1.1beta
OR
mozillaseamonkeyMatch1.1.1
OR
mozillaseamonkeyMatch1.1.2
OR
mozillaseamonkeyMatch1.1.3
OR
mozillaseamonkeyMatch1.1.4
OR
mozillaseamonkeyMatch1.1.5
OR
mozillaseamonkeyMatch1.1.6
OR
mozillaseamonkeyMatch1.1.7
OR
mozillaseamonkeyMatch1.1.8
OR
mozillaseamonkeyMatch1.1.9
OR
mozillaseamonkeyMatch1.1.10
OR
mozillaseamonkeyMatch1.1.11
OR
mozillaseamonkeyMatch1.1.12
OR
mozillaseamonkeyMatch1.1.13
OR
mozillaseamonkeyMatch1.1.14
OR
mozillaseamonkeyMatch1.1.15
OR
mozillaseamonkeyMatch1.1.16
OR
mozillaseamonkeyMatch1.1.17
OR
mozillaseamonkeyMatch1.1.18
OR
mozillaseamonkeyMatch1.1.19
OR
mozillaseamonkeyMatch1.5.0.8
OR
mozillaseamonkeyMatch1.5.0.9
OR
mozillaseamonkeyMatch1.5.0.10
OR
mozillaseamonkeyMatch2.0
OR
mozillaseamonkeyMatch2.0alpha_1
OR
mozillaseamonkeyMatch2.0alpha_2
OR
mozillaseamonkeyMatch2.0alpha_3
OR
mozillaseamonkeyMatch2.0beta_1
OR
mozillaseamonkeyMatch2.0beta_2
OR
mozillaseamonkeyMatch2.0rc1
OR
mozillaseamonkeyMatch2.0rc2
OR
mozillaseamonkeyMatch2.0.1
OR
mozillaseamonkeyMatch2.0.2
OR
mozillaseamonkeyMatch2.0.3
OR
mozillaseamonkeyMatch2.0.4
OR
mozillaseamonkeyMatch2.0.5
OR
mozillaseamonkeyMatch2.0.6
OR
mozillaseamonkeyMatch2.0.7
OR
mozillaseamonkeyMatch2.0.8
OR
mozillaseamonkeyMatch2.0.9
OR
mozillaseamonkeyMatch2.0.10
OR
mozillaseamonkeyMatch2.0.11
OR
mozillaseamonkeyMatch2.0.12
OR
mozillaseamonkeyMatch2.0.13
OR
mozillaseamonkeyMatch2.0.14
OR
mozillaseamonkeyMatch2.1
OR
mozillaseamonkeyMatch2.1alpha1
OR
mozillaseamonkeyMatch2.1alpha2
OR
mozillaseamonkeyMatch2.1alpha3
OR
mozillaseamonkeyMatch2.1beta1
OR
mozillaseamonkeyMatch2.1beta2
OR
mozillaseamonkeyMatch2.1beta3
OR
mozillaseamonkeyMatch2.1rc1
OR
mozillaseamonkeyMatch2.1rc2
OR
mozillaseamonkeyMatch2.2
OR
mozillaseamonkeyMatch2.2beta1
OR
mozillaseamonkeyMatch2.2beta2
OR
mozillaseamonkeyMatch2.2beta3
OR
mozillaseamonkeyMatch2.3
OR
mozillaseamonkeyMatch2.3beta1
OR
mozillaseamonkeyMatch2.3beta2
OR
mozillaseamonkeyMatch2.3beta3
OR
mozillaseamonkeyMatch2.3.1
OR
mozillaseamonkeyMatch2.3.2
OR
mozillaseamonkeyMatch2.3.3
OR
mozillaseamonkeyMatch2.4
OR
mozillaseamonkeyMatch2.4beta1
OR
mozillaseamonkeyMatch2.4beta2
OR
mozillaseamonkeyMatch2.4beta3
OR
mozillaseamonkeyMatch2.4.1
OR
mozillaseamonkeyMatch2.5
OR
mozillaseamonkeyMatch2.5beta1
OR
mozillaseamonkeyMatch2.5beta2
OR
mozillaseamonkeyMatch2.5beta3
OR
mozillaseamonkeyMatch2.5beta4
OR
mozillaseamonkeyMatch2.6
OR
mozillaseamonkeyMatch2.6beta1
OR
mozillaseamonkeyMatch2.6beta2
OR
mozillaseamonkeyMatch2.6beta3
OR
mozillaseamonkeyMatch2.6beta4
OR
mozillaseamonkeyMatch2.6.1
OR
mozillaseamonkeyMatch2.7beta1
OR
mozillaseamonkeyMatch2.7beta2
OR
mozillaseamonkeyMatch2.7beta3
OR
mozillaseamonkeyMatch2.7beta4

References

Related

ubuntucve 1
openvas 38
cvelist 1
nvd 1
prion 1
veracode 1
mozilla 1
nessus 32
ubuntu 5
centos 2
oraclelinux 2
redhat 2
freebsd 1
securityvulns 1
suse 2
gentoo 1
ubuntucve
ubuntucve
CVE-2012-0459
2012-03-14 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2012-17) - Linux
2021-11-11 00:00:00
Mozilla Products Multiple Vulnerabilities - Mar12 (Win 01)
2012-03-19 00:00:00
Mozilla Products Multiple Vulnerabilities - Mar12 (Mac OS X 01)
2012-03-20 00:00:00
cvelist
cvelist
CVE-2012-0459
2012-03-14 19:00:00
nvd
nvd
CVE-2012-0459
2012-03-14 19:55:02
prion
prion
Code injection
2012-03-14 19:55:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:07:57
mozilla
mozilla
Crash when accessing keyframe cssText after dynamic modification — Mozilla
2012-03-13 00:00:00
nessus
nessus
RHEL 5 / 6 : firefox (RHSA-2012:0387)
2012-03-14 00:00:00
Ubuntu 11.04 : gsettings-desktop-schemas regression (USN-1400-5)
2012-04-20 00:00:00
Oracle Linux 5 / 6 : firefox (ELSA-2012-0387)
2013-07-12 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2012-03-21 00:00:00
Firefox vulnerabilities
2012-03-16 00:00:00
Thunderbird regressions
2012-04-03 00:00:00
centos
centos
firefox, xulrunner security update
2012-03-14 11:23:06
thunderbird security update
2012-03-14 11:41:24
oraclelinux
oraclelinux
thunderbird security update
2012-03-14 00:00:00
firefox security and bug fix update
2012-03-14 00:00:00
redhat
redhat
(RHSA-2012:0388) Critical: thunderbird security update
2012-03-14 00:00:00
(RHSA-2012:0387) Critical: firefox security and bug fix update
2012-03-14 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-03-13 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-03-17 00:00:00
suse
suse
Security update for Mozilla Firefox (critical)
2012-03-28 21:08:31
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.7 High

AI Score

Confidence

High

0.155 Low

EPSS

Percentile

95.9%

JSON
Related for CVE-2012-0459
ubuntucve1openvas38cvelist1nvd1prion1veracode1mozilla1nessus32ubuntu5centos2oraclelinux2redhat2freebsd1securityvulns1suse2gentoo1