Lucene search

K
cve[email protected]CVE-2012-4215
HistoryNov 21, 2012 - 12:55 p.m.

CVE-2012-4215

2012-11-2112:55:02
CWE-416
web.nvd.nist.gov
48
cve-2012-4215
nsplaintexteditor::fireclipboardevent
mozilla firefox
firefox esr
thunderbird
thunderbird esr
seamonkey
remote code execution
denial of service
heap memory corruption

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.9%

Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

Affected configurations

NVD
Node
mozillafirefoxRange<17.0
OR
mozillafirefox_esrRange<10.0.11
OR
mozillaseamonkeyRange<2.14
OR
mozillathunderbirdRange<17.0
OR
mozillathunderbird_esrRange<10.0.11
Node
opensuseopensuseMatch11.4
OR
opensuseopensuseMatch12.1
OR
opensuseopensuseMatch12.2
OR
suselinux_enterprise_desktopMatch10sp4
OR
suselinux_enterprise_desktopMatch11sp2
OR
suselinux_enterprise_serverMatch10sp4
OR
suselinux_enterprise_serverMatch11sp2-
OR
suselinux_enterprise_serverMatch11sp2vmware
OR
suselinux_enterprise_software_development_kitMatch10sp4
OR
suselinux_enterprise_software_development_kitMatch11sp2
Node
canonicalubuntu_linuxMatch10.04-
OR
canonicalubuntu_linuxMatch11.10
OR
canonicalubuntu_linuxMatch12.04esm
OR
canonicalubuntu_linuxMatch12.10
Node
redhatenterprise_linux_desktopMatch5.0
OR
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_eusMatch6.3
OR
redhatenterprise_linux_serverMatch5.0
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_workstationMatch5.0
OR
redhatenterprise_linux_workstationMatch6.0

References

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.9%