10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.713 High
EPSS
Percentile
98.0%
The Mozilla Project reports:
MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/
rv:10.0.8)
MFSA 2012-75 select element persistance allows for attacks
MFSA 2012-76 Continued access to initial origin after setting
document.domain
MFSA 2012-77 Some DOMWindowUtils methods bypass security checks
MFSA 2012-78 Reader Mode pages have chrome privileges
MFSA 2012-79 DOS and crash with full screen and history navigation
MFSA 2012-80 Crash with invalid cast when using instanceof
operator
MFSA 2012-81 GetProperty function can bypass security checks
MFSA 2012-82 top object and location property accessible by
plugins
MFSA 2012-83 Chrome Object Wrapper (COW) does not disallow acces
to privileged functions or properties
MFSA 2012-84 Spoofing and script injection through location.hash
MFSA 2012-85 Use-after-free, buffer overflow, and out of bounds
read issues found using Address Sanitizer
MFSA 2012-86 Heap memory corruption issues found using Address
Sanitizer
MFSA 2012-87 Use-after-free in the IME State Manager
MFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1)
MFSA 2012-89 defaultValue security checks not applied
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 16.0.1,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 10.0.9,1 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 2.13.1 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | < 10.0.9 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 2.13.1 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 16.0.1 | UNKNOWN |
FreeBSD | any | noarch | libxul | < 10.0.9 | UNKNOWN |
www.mozilla.org/security/announce/2012/mfsa2012-74.html
www.mozilla.org/security/announce/2012/mfsa2012-75.html
www.mozilla.org/security/announce/2012/mfsa2012-76.html
www.mozilla.org/security/announce/2012/mfsa2012-77.html
www.mozilla.org/security/announce/2012/mfsa2012-78.html
www.mozilla.org/security/announce/2012/mfsa2012-79.html
www.mozilla.org/security/announce/2012/mfsa2012-80.html
www.mozilla.org/security/announce/2012/mfsa2012-81.html
www.mozilla.org/security/announce/2012/mfsa2012-82.html
www.mozilla.org/security/announce/2012/mfsa2012-83.html
www.mozilla.org/security/announce/2012/mfsa2012-84.html
www.mozilla.org/security/announce/2012/mfsa2012-85.html
www.mozilla.org/security/announce/2012/mfsa2012-86.html
www.mozilla.org/security/announce/2012/mfsa2012-87.html
www.mozilla.org/security/announce/2012/mfsa2012-88.html
www.mozilla.org/security/announce/2012/mfsa2012-89.html
www.mozilla.org/security/known-vulnerabilities/