10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.126 Low
EPSS
Percentile
95.4%
Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team discovered a series of use-after-free issues using the Address Sanitizer tool. Many of these issues are potentially exploitable, allowing for remote code execution.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 15 | |
firefox esr | lt | 10.0.7 | |
seamonkey | lt | 2.12 | |
thunderbird | lt | 15 | |
thunderbird esr | lt | 10.0.7 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1972
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1973
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1974
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1975
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1976
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3956
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3957
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3958
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3959
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3960
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3961
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3962
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3963
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3964
bugzilla.mozilla.org/show_bug.cgi?id=756241
bugzilla.mozilla.org/show_bug.cgi?id=762280
bugzilla.mozilla.org/show_bug.cgi?id=769120
bugzilla.mozilla.org/show_bug.cgi?id=769303
bugzilla.mozilla.org/show_bug.cgi?id=771873
bugzilla.mozilla.org/show_bug.cgi?id=771976
bugzilla.mozilla.org/show_bug.cgi?id=771994
bugzilla.mozilla.org/show_bug.cgi?id=772346
bugzilla.mozilla.org/show_bug.cgi?id=773207
bugzilla.mozilla.org/show_bug.cgi?id=774548
bugzilla.mozilla.org/show_bug.cgi?id=774597
bugzilla.mozilla.org/show_bug.cgi?id=776213
bugzilla.mozilla.org/show_bug.cgi?id=777578
bugzilla.mozilla.org/show_bug.cgi?id=778428