Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-0444HistoryFeb 01, 2012 - 4:55 p.m.
CVE-2012-0444
2012-02-0116:55:01
Debian Security Bug Tracker
security-tracker.debian.org
24
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.885
Percentile
98.7%
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libvorbis | < 1.3.2-1.2 | libvorbis_1.3.2-1.2_all.deb |
| Debian | 11 | all | libvorbis | < 1.3.2-1.2 | libvorbis_1.3.2-1.2_all.deb |
| Debian | 999 | all | libvorbis | < 1.3.2-1.2 | libvorbis_1.3.2-1.2_all.deb |
| Debian | 13 | all | libvorbis | < 1.3.2-1.2 | libvorbis_1.3.2-1.2_all.deb |
| Debian | 12 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 11 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 999 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 13 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
Related
checkpoint_advisories
checkpoint_advisories
ubuntucve
ubuntucve
CVE-2012-0444
2012-02-01 00:00:00
securityvulns
securityvulns
libvorbis library buffer overflow
2012-02-22 00:00:00
Mozilla Foundation Security Advisory 2012-07
2012-02-03 00:00:00
[SECURITY] [DSA 2412-1] libvorbis security update
2012-02-22 00:00:00
nessus
nessus
Oracle Solaris Third-Party Patch Update : libvorbis (cve_2012_0444_memory_corruption)
2015-01-19 00:00:00
Mandriva Linux Security Advisory : libvorbis (MDVSA-2012:052)
2012-04-04 00:00:00
openSUSE Security Update : libvorbis (openSUSE-2012-141)
2014-06-13 00:00:00
openvas
openvas
Fedora Update for libvorbis FEDORA-2012-1652
2012-03-19 00:00:00
CentOS Update for libvorbis CESA-2012:0136 centos6
2012-07-30 00:00:00
Mozilla Firefox Security Advisory (MFSA2012-07) - Linux
2021-11-16 00:00:00
suse
suse
Security update for libvorbis (important)
2012-03-06 23:08:25
libvorbis: fixed a heap based buffer overflow (important)
2012-03-01 23:08:28
Security update for Mozilla XULrunner (important)
2012-02-09 19:07:25
debian
debian
[SECURITY] [DSA 2412-1] libvorbis security update
2012-02-19 20:23:13
[SECURITY] [DSA 2400-1] iceweasel security update
2012-02-02 19:52:15
[SECURITY] [DSA 2406-1] icedove security update
2012-02-09 12:07:23
redhat
redhat
(RHSA-2012:0136) Important: libvorbis security update
2012-02-15 00:00:00
(RHSA-2012:0079) Critical: firefox security update
2012-01-31 00:00:00
(RHSA-2012:0422) Moderate: rhev-hypervisor6 security and bug fix update
2012-03-26 00:00:00
freebsd
freebsd
libtremor -- memory corruption
2012-01-31 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: libvorbis-1.3.3-1.fc16
2012-02-17 00:57:43
zdi
zdi
nvd
nvd
CVE-2012-0444
2012-02-01 16:55:01
centos
centos
libvorbis security update
2012-02-15 09:08:27
firefox, xulrunner security update
2012-02-01 03:34:27
cve
cve
CVE-2012-0444
2012-02-01 16:55:01
cvelist
cvelist
CVE-2012-0444
2012-02-01 16:00:00
prion
prion
Memory corruption
2012-02-01 16:55:00
mozilla
mozilla
Potential Memory Corruption When Decoding Ogg Vorbis files — Mozilla
2012-01-31 00:00:00
ubuntu
ubuntu
libvorbis vulnerability
2012-02-20 00:00:00
Thunderbird vulnerabilities
2012-02-08 00:00:00
Xulrunnner vulnerabilities
2012-02-08 00:00:00
amazon
amazon
Important: libvorbis
2012-03-04 16:07:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:07:20
oraclelinux
oraclelinux
libvorbis security update
2012-02-15 00:00:00
libvorbis security update
2018-04-05 00:00:00
firefox security update
2012-01-31 00:00:00
osv
osv
iceweasel - several
2012-02-02 00:00:00
iceape - several
2012-02-02 00:00:00
icedove - several
2012-02-09 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.885
Percentile
98.7%
Related for DEBIANCVE:CVE-2012-0444