Lucene search

[email protected]NVD:CVE-2012-0457

HistoryMar 14, 2012 - 7:55 p.m.

CVE-2012-0457

2012-03-1419:55:01

CWE-399

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.112 Low

EPSS

Percentile

95.2%

JSON

Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to execute arbitrary code via an SVG animation.

Affected configurations

NVD

Node

mozillafirefoxRange≤3.6.27

Node

mozillafirefoxRange4.0–10.0

Node

mozillafirefox_esrMatch10.0

mozillafirefox_esrMatch10.0.1

mozillafirefox_esrMatch10.0.2

Node

mozillathunderbirdRange1.0–3.1.19

Node

mozillathunderbirdRange5.0–10.0

Node

mozillathunderbird_esrMatch10.0

mozillathunderbird_esrMatch10.0.1

mozillathunderbird_esrMatch10.0.2

Node

mozillaseamonkeyMatch-

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0alpha

mozillaseamonkeyMatch1.0beta

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.4

mozillaseamonkeyMatch1.0.5

mozillaseamonkeyMatch1.0.6

mozillaseamonkeyMatch1.0.7

mozillaseamonkeyMatch1.0.8

mozillaseamonkeyMatch1.0.9

mozillaseamonkeyMatch1.1

mozillaseamonkeyMatch1.1alpha

mozillaseamonkeyMatch1.1beta

mozillaseamonkeyMatch1.1.1

mozillaseamonkeyMatch1.1.2

mozillaseamonkeyMatch1.1.3

mozillaseamonkeyMatch1.1.4

mozillaseamonkeyMatch1.1.5

mozillaseamonkeyMatch1.1.6

mozillaseamonkeyMatch1.1.7

mozillaseamonkeyMatch1.1.8

mozillaseamonkeyMatch1.1.9

mozillaseamonkeyMatch1.1.10

mozillaseamonkeyMatch1.1.11

mozillaseamonkeyMatch1.1.12

mozillaseamonkeyMatch1.1.13

mozillaseamonkeyMatch1.1.14

mozillaseamonkeyMatch1.1.15

mozillaseamonkeyMatch1.1.16

mozillaseamonkeyMatch1.1.17

mozillaseamonkeyMatch1.1.18

mozillaseamonkeyMatch1.1.19

mozillaseamonkeyMatch1.5.0.8

mozillaseamonkeyMatch1.5.0.9

mozillaseamonkeyMatch1.5.0.10

mozillaseamonkeyMatch2.0

mozillaseamonkeyMatch2.0alpha_1

mozillaseamonkeyMatch2.0alpha_2

mozillaseamonkeyMatch2.0alpha_3

mozillaseamonkeyMatch2.0beta_1

mozillaseamonkeyMatch2.0beta_2

mozillaseamonkeyMatch2.0rc1

mozillaseamonkeyMatch2.0rc2

mozillaseamonkeyMatch2.0.1

mozillaseamonkeyMatch2.0.2

mozillaseamonkeyMatch2.0.3

mozillaseamonkeyMatch2.0.4

mozillaseamonkeyMatch2.0.5

mozillaseamonkeyMatch2.0.6

mozillaseamonkeyMatch2.0.7

mozillaseamonkeyMatch2.0.8

mozillaseamonkeyMatch2.0.9

mozillaseamonkeyMatch2.0.10

mozillaseamonkeyMatch2.0.11

mozillaseamonkeyMatch2.0.12

mozillaseamonkeyMatch2.0.13

mozillaseamonkeyMatch2.0.14

mozillaseamonkeyMatch2.1

mozillaseamonkeyMatch2.1alpha1

mozillaseamonkeyMatch2.1alpha2

mozillaseamonkeyMatch2.1alpha3

mozillaseamonkeyMatch2.1beta1

mozillaseamonkeyMatch2.1beta2

mozillaseamonkeyMatch2.1beta3

mozillaseamonkeyMatch2.1rc1

mozillaseamonkeyMatch2.1rc2

mozillaseamonkeyMatch2.2

mozillaseamonkeyMatch2.2beta1

mozillaseamonkeyMatch2.2beta2

mozillaseamonkeyMatch2.2beta3

mozillaseamonkeyMatch2.3

mozillaseamonkeyMatch2.3beta1

mozillaseamonkeyMatch2.3beta2

mozillaseamonkeyMatch2.3beta3

mozillaseamonkeyMatch2.3.1

mozillaseamonkeyMatch2.3.2

mozillaseamonkeyMatch2.3.3

mozillaseamonkeyMatch2.4

mozillaseamonkeyMatch2.4beta1

mozillaseamonkeyMatch2.4beta2

mozillaseamonkeyMatch2.4beta3

mozillaseamonkeyMatch2.4.1

mozillaseamonkeyMatch2.5

mozillaseamonkeyMatch2.5beta1

mozillaseamonkeyMatch2.5beta2

mozillaseamonkeyMatch2.5beta3

mozillaseamonkeyMatch2.5beta4

mozillaseamonkeyMatch2.6

mozillaseamonkeyMatch2.6beta1

mozillaseamonkeyMatch2.6beta2

mozillaseamonkeyMatch2.6beta3

mozillaseamonkeyMatch2.6beta4

mozillaseamonkeyMatch2.6.1

mozillaseamonkeyMatch2.7

mozillaseamonkeyMatch2.7beta1

mozillaseamonkeyMatch2.7beta2

mozillaseamonkeyMatch2.7beta3

mozillaseamonkeyMatch2.7beta4

mozillaseamonkeyMatch2.7beta5

mozillaseamonkeyMatch2.7.1

mozillaseamonkeyMatch2.7.2

References

lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html

lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html

lists.opensuse.org/opensuse-updates/2012-03/msg00042.html

rhn.redhat.com/errata/RHSA-2012-0387.html

rhn.redhat.com/errata/RHSA-2012-0388.html

secunia.com/advisories/48359

secunia.com/advisories/48402

secunia.com/advisories/48414

secunia.com/advisories/48495

secunia.com/advisories/48496

secunia.com/advisories/48513

secunia.com/advisories/48553

secunia.com/advisories/48561

secunia.com/advisories/48624

secunia.com/advisories/48629

secunia.com/advisories/48823

www.mandriva.com/security/advisories?name=MDVSA-2012:031

www.mandriva.com/security/advisories?name=MDVSA-2012:032

www.mozilla.org/security/announce/2012/mfsa2012-14.html

www.securitytracker.com/id?1026801

www.securitytracker.com/id?1026803

www.securitytracker.com/id?1026804

www.ubuntu.com/usn/USN-1400-1

www.ubuntu.com/usn/USN-1400-2

www.ubuntu.com/usn/USN-1400-3

www.ubuntu.com/usn/USN-1400-4

www.ubuntu.com/usn/USN-1400-5

www.ubuntu.com/usn/USN-1401-1

bugzilla.mozilla.org/show_bug.cgi?id=720103

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14775

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.112 Low

EPSS

Percentile

95.2%

JSON

Related for NVD:CVE-2012-0457

ubuntucve1 prion1 cve1 cvelist1 veracode1 mozilla1 openvas43 nessus43 ubuntu7 suse3 redhat2 oraclelinux2 centos2 freebsd1 securityvulns1 kitploit1 gentoo1