Lucene search

MitreCVE-2012-4218

HistoryNov 21, 2012 - 12:55 p.m.

CVE-2012-4218

2012-11-2112:55:02

CWE-416

mitre

web.nvd.nist.gov

cve-2012-4218

remote execution

denial of service

heap memory corruption

mozilla firefox

thunderbird

seamonkey

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.8

Confidence

High

EPSS

0.068

Percentile

93.9%

JSON

Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

Affected configurations

Nvd

Node

mozillafirefoxRange<17.0

mozillaseamonkeyRange<2.14

mozillathunderbirdRange<17.0

Node

canonicalubuntu_linuxMatch10.04

canonicalubuntu_linuxMatch11.10

canonicalubuntu_linuxMatch12.04esm

canonicalubuntu_linuxMatch12.10

Node

opensuseopensuseMatch11.4

opensuseopensuseMatch12.1

opensuseopensuseMatch12.2

suselinux_enterprise_desktopMatch10sp4-

suselinux_enterprise_desktopMatch11sp2

suselinux_enterprise_serverMatch10sp4-

suselinux_enterprise_serverMatch11sp2-

suselinux_enterprise_serverMatch11sp2vmware

suselinux_enterprise_software_development_kitMatch11sp2

suselinux_enterprise_software_development_kitMatch11sp3

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
mozillathunderbird*cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
canonicalubuntu_linux10.04cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*
canonicalubuntu_linux11.10cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
canonicalubuntu_linux12.10cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
opensuseopensuse11.4cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
opensuseopensuse12.1cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
opensuseopensuse12.2cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::
mozilla	seamonkey	*	cpe:2.3:a:mozilla:seamonkey::::::::
mozilla	thunderbird	*	cpe:2.3:a:mozilla:thunderbird::::::::
canonical	ubuntu_linux	10.04	cpe:2.3:o:canonical:ubuntu_linux:10.04:::::::*
canonical	ubuntu_linux	11.10	cpe:2.3:o:canonical:ubuntu_linux:11.10:::::::*
canonical	ubuntu_linux	12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
canonical	ubuntu_linux	12.10	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
opensuse	opensuse	11.4	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
opensuse	opensuse	12.1	cpe:2.3:o:opensuse:opensuse:12.1:::::::*
opensuse	opensuse	12.2	cpe:2.3:o:opensuse:opensuse:12.2:::::::*