Lucene search

Mozilla FoundationMFSA2012-58

HistoryAug 28, 2012 - 12:00 a.m.

Use-after-free issues found using Address Sanitizer — Mozilla

2012-08-2800:00:00

Mozilla Foundation

www.mozilla.org

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.126 Low

EPSS

Percentile

95.4%

JSON

Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team discovered a series of use-after-free issues using the Address Sanitizer tool. Many of these issues are potentially exploitable, allowing for remote code execution.

CPENameOperatorVersion
firefoxlt15
firefox esrlt10.0.7
seamonkeylt2.12
thunderbirdlt15
thunderbird esrlt10.0.7

Name	Operator	Version
firefox	lt	15
firefox esr	lt	10.0.7
seamonkey	lt	2.12
thunderbird	lt	15
thunderbird esr	lt	10.0.7

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1972

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1973

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1974

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1975

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1976

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3956

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3957

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3958

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3959

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3960

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3961

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3962

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3963

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3964

bugzilla.mozilla.org/show_bug.cgi?id=756241

bugzilla.mozilla.org/show_bug.cgi?id=762280

bugzilla.mozilla.org/show_bug.cgi?id=769120

bugzilla.mozilla.org/show_bug.cgi?id=769303

bugzilla.mozilla.org/show_bug.cgi?id=771873

bugzilla.mozilla.org/show_bug.cgi?id=771976

bugzilla.mozilla.org/show_bug.cgi?id=771994

bugzilla.mozilla.org/show_bug.cgi?id=772346

bugzilla.mozilla.org/show_bug.cgi?id=773207

bugzilla.mozilla.org/show_bug.cgi?id=774548

bugzilla.mozilla.org/show_bug.cgi?id=774597

bugzilla.mozilla.org/show_bug.cgi?id=776213

bugzilla.mozilla.org/show_bug.cgi?id=777578

bugzilla.mozilla.org/show_bug.cgi?id=778428

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.126 Low

EPSS

Percentile

95.4%

JSON

Related for MFSA2012-58