MitreCVELIST:CVE-2012-1954CVE-2012-1954
Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents.
References
lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html
lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html
lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html
lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html
osvdb.org/83995
rhn.redhat.com/errata/RHSA-2012-1088.html
secunia.com/advisories/49963
secunia.com/advisories/49964
secunia.com/advisories/49965
secunia.com/advisories/49968
secunia.com/advisories/49972
secunia.com/advisories/49977
secunia.com/advisories/49979
secunia.com/advisories/49992
secunia.com/advisories/49993
secunia.com/advisories/49994
www.debian.org/security/2012/dsa-2514
www.debian.org/security/2012/dsa-2528
www.mozilla.org/security/announce/2012/mfsa2012-44.html
www.securityfocus.com/bid/54578
www.securitytracker.com/id?1027256
www.securitytracker.com/id?1027257
www.securitytracker.com/id?1027258
www.ubuntu.com/usn/USN-1509-1
www.ubuntu.com/usn/USN-1509-2
www.ubuntu.com/usn/USN-1510-1
bugzilla.mozilla.org/show_bug.cgi?id=765139
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16984
Related
