Lucene search
HistoryApr 25, 2012 - 10:10 a.m.
CVE-2012-0468
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
Low
0.107 Low
EPSS
Percentile
95.1%
The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function.
Affected configurations
Node
mozillafirefoxMatch4.0
ORmozillafirefoxMatch4.0beta1
ORmozillafirefoxMatch4.0beta10
ORmozillafirefoxMatch4.0beta11
ORmozillafirefoxMatch4.0beta12
ORmozillafirefoxMatch4.0beta2
ORmozillafirefoxMatch4.0beta3
ORmozillafirefoxMatch4.0beta4
ORmozillafirefoxMatch4.0beta5
ORmozillafirefoxMatch4.0beta6
ORmozillafirefoxMatch4.0beta7
ORmozillafirefoxMatch4.0beta8
ORmozillafirefoxMatch4.0beta9
ORmozillafirefoxMatch4.0.1
ORmozillafirefoxMatch5.0
ORmozillafirefoxMatch5.0.1
ORmozillafirefoxMatch6.0
ORmozillafirefoxMatch6.0.1
ORmozillafirefoxMatch6.0.2
ORmozillafirefoxMatch7.0
ORmozillafirefoxMatch7.0.1
ORmozillafirefoxMatch8.0
ORmozillafirefoxMatch8.0.1
ORmozillafirefoxMatch9.0
ORmozillafirefoxMatch9.0.1
ORmozillafirefoxMatch10.0
ORmozillafirefoxMatch10.0.1
ORmozillafirefoxMatch10.0.2
ORmozillafirefoxMatch11.0
Node
mozillathunderbirdMatch5.0
ORmozillathunderbirdMatch6.0
ORmozillathunderbirdMatch6.0.1
ORmozillathunderbirdMatch6.0.2
ORmozillathunderbirdMatch7.0
ORmozillathunderbirdMatch7.0.1
ORmozillathunderbirdMatch8.0
ORmozillathunderbirdMatch9.0
ORmozillathunderbirdMatch9.0.1
ORmozillathunderbirdMatch10.0
ORmozillathunderbirdMatch10.0.1
ORmozillathunderbirdMatch10.0.2
ORmozillathunderbirdMatch10.0.3
ORmozillathunderbirdMatch10.0.4
ORmozillathunderbirdMatch11.0
Node
mozillaseamonkeyRange≤2.9beta3
ORmozillaseamonkeyMatch1.0
ORmozillaseamonkeyMatch1.0alpha
ORmozillaseamonkeyMatch1.0beta
ORmozillaseamonkeyMatch1.0.1
ORmozillaseamonkeyMatch1.0.2
ORmozillaseamonkeyMatch1.0.3
ORmozillaseamonkeyMatch1.0.4
ORmozillaseamonkeyMatch1.0.5
ORmozillaseamonkeyMatch1.0.6
ORmozillaseamonkeyMatch1.0.7
ORmozillaseamonkeyMatch1.0.8
ORmozillaseamonkeyMatch1.0.9
ORmozillaseamonkeyMatch1.1
ORmozillaseamonkeyMatch1.1alpha
ORmozillaseamonkeyMatch1.1beta
ORmozillaseamonkeyMatch1.1.1
ORmozillaseamonkeyMatch1.1.2
ORmozillaseamonkeyMatch1.1.3
ORmozillaseamonkeyMatch1.1.4
ORmozillaseamonkeyMatch1.1.5
ORmozillaseamonkeyMatch1.1.6
ORmozillaseamonkeyMatch1.1.7
ORmozillaseamonkeyMatch1.1.8
ORmozillaseamonkeyMatch1.1.9
ORmozillaseamonkeyMatch1.1.10
ORmozillaseamonkeyMatch1.1.11
ORmozillaseamonkeyMatch1.1.12
ORmozillaseamonkeyMatch1.1.13
ORmozillaseamonkeyMatch1.1.14
ORmozillaseamonkeyMatch1.1.15
ORmozillaseamonkeyMatch1.1.16
ORmozillaseamonkeyMatch1.1.17
ORmozillaseamonkeyMatch1.1.18
ORmozillaseamonkeyMatch1.1.19
ORmozillaseamonkeyMatch1.5.0.8
ORmozillaseamonkeyMatch1.5.0.9
ORmozillaseamonkeyMatch1.5.0.10
ORmozillaseamonkeyMatch2.0
ORmozillaseamonkeyMatch2.0alpha_1
ORmozillaseamonkeyMatch2.0alpha_2
ORmozillaseamonkeyMatch2.0alpha_3
ORmozillaseamonkeyMatch2.0beta_1
ORmozillaseamonkeyMatch2.0beta_2
ORmozillaseamonkeyMatch2.0rc1
ORmozillaseamonkeyMatch2.0rc2
ORmozillaseamonkeyMatch2.0.1
ORmozillaseamonkeyMatch2.0.2
ORmozillaseamonkeyMatch2.0.3
ORmozillaseamonkeyMatch2.0.4
ORmozillaseamonkeyMatch2.0.5
ORmozillaseamonkeyMatch2.0.6
ORmozillaseamonkeyMatch2.0.7
ORmozillaseamonkeyMatch2.0.8
ORmozillaseamonkeyMatch2.0.9
ORmozillaseamonkeyMatch2.0.10
ORmozillaseamonkeyMatch2.0.11
ORmozillaseamonkeyMatch2.0.12
ORmozillaseamonkeyMatch2.0.13
ORmozillaseamonkeyMatch2.0.14
ORmozillaseamonkeyMatch2.1
ORmozillaseamonkeyMatch2.1alpha1
ORmozillaseamonkeyMatch2.1alpha2
ORmozillaseamonkeyMatch2.1alpha3
ORmozillaseamonkeyMatch2.1beta1
ORmozillaseamonkeyMatch2.1beta2
ORmozillaseamonkeyMatch2.1beta3
ORmozillaseamonkeyMatch2.1rc1
ORmozillaseamonkeyMatch2.1rc2
ORmozillaseamonkeyMatch2.2
ORmozillaseamonkeyMatch2.2beta1
ORmozillaseamonkeyMatch2.2beta2
ORmozillaseamonkeyMatch2.2beta3
ORmozillaseamonkeyMatch2.3
ORmozillaseamonkeyMatch2.3beta1
ORmozillaseamonkeyMatch2.3beta2
ORmozillaseamonkeyMatch2.3beta3
ORmozillaseamonkeyMatch2.3.1
ORmozillaseamonkeyMatch2.3.2
ORmozillaseamonkeyMatch2.3.3
ORmozillaseamonkeyMatch2.4
ORmozillaseamonkeyMatch2.4beta1
ORmozillaseamonkeyMatch2.4beta2
ORmozillaseamonkeyMatch2.4beta3
ORmozillaseamonkeyMatch2.4.1
ORmozillaseamonkeyMatch2.5
ORmozillaseamonkeyMatch2.5beta1
ORmozillaseamonkeyMatch2.5beta2
ORmozillaseamonkeyMatch2.5beta3
ORmozillaseamonkeyMatch2.5beta4
ORmozillaseamonkeyMatch2.6
ORmozillaseamonkeyMatch2.6beta1
ORmozillaseamonkeyMatch2.6beta2
ORmozillaseamonkeyMatch2.6beta3
ORmozillaseamonkeyMatch2.6beta4
ORmozillaseamonkeyMatch2.6.1
ORmozillaseamonkeyMatch2.7
ORmozillaseamonkeyMatch2.7beta1
ORmozillaseamonkeyMatch2.7beta2
ORmozillaseamonkeyMatch2.7beta3
ORmozillaseamonkeyMatch2.7beta4
ORmozillaseamonkeyMatch2.7beta5
ORmozillaseamonkeyMatch2.7.1
ORmozillaseamonkeyMatch2.7.2
ORmozillaseamonkeyMatch2.8
ORmozillaseamonkeyMatch2.8beta1
ORmozillaseamonkeyMatch2.8beta2
ORmozillaseamonkeyMatch2.8beta3
ORmozillaseamonkeyMatch2.8beta4
ORmozillaseamonkeyMatch2.8beta5
ORmozillaseamonkeyMatch2.8beta6
ORmozillaseamonkeyMatch2.9beta1
ORmozillaseamonkeyMatch2.9beta2
References
secunia.com/advisories/48972
secunia.com/advisories/49047
secunia.com/advisories/49055
www.mandriva.com/security/advisories?name=MDVSA-2012:066
www.mandriva.com/security/advisories?name=MDVSA-2012:081
www.mozilla.org/security/announce/2012/mfsa2012-20.html
www.securityfocus.com/bid/53221
bugzilla.mozilla.org/show_bug.cgi?id=714616
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16771
Related
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:09:06
prion
prion
Memory corruption
2012-04-25 10:10:00
ubuntucve
ubuntucve
CVE-2012-0468
2012-04-25 00:00:00
cvelist
cvelist
CVE-2012-0468
2012-04-25 10:00:00
cve
cve
CVE-2012-0468
2012-04-25 10:10:17
mozilla
mozilla
Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4) — Mozilla
2012-04-24 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2012-20) - Linux
2021-11-11 00:00:00
Mozilla Products Multiple Vulnerabilities (May 2012) - Mac OS X
2012-05-02 00:00:00
Mozilla Products Multiple Vulnerabilities - May12 (Mac OS X)
2012-05-02 00:00:00
nessus
nessus
Oracle Solaris Third-Party Patch Update : firefox (multiple_vulnerabilities_in_firefox_web1)
2015-01-19 00:00:00
RHEL 5 / 6 : firefox (RHSA-2012:0515)
2012-04-25 00:00:00
oraclelinux
oraclelinux
firefox security update
2012-04-25 00:00:00
thunderbird security update
2012-04-25 00:00:00
centos
centos
thunderbird security update
2012-04-25 01:30:17
firefox, xulrunner security update
2012-04-25 01:27:20
redhat
redhat
(RHSA-2012:0516) Critical: thunderbird security update
2012-04-24 00:00:00
(RHSA-2012:0515) Critical: firefox security update
2012-04-24 00:00:00
ubuntu
ubuntu
ubufox update
2012-04-27 00:00:00
Thunderbird vulnerabilities
2012-05-04 00:00:00
Firefox vulnerabilities
2012-04-27 00:00:00
suse
suse
Security update for Mozilla Firefox (important)
2012-05-02 19:08:16
Security update for MozillaFirefox (important)
2012-06-02 02:08:30
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-04-24 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-05-09 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
Low
0.107 Low
EPSS
Percentile
95.1%
Related for NVD:CVE-2012-0468