Lucene search

K
cve[email protected]CVE-2012-0444
HistoryFeb 01, 2012 - 4:55 p.m.

CVE-2012-0444

2012-02-0116:55:00
CWE-119
web.nvd.nist.gov
140
cve-2012-0444
mozilla firefox
thunderbird
seamonkey
denial of service
memory corruption
application crash
arbitrary code execution
ogg vorbis.

8.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.861 High

EPSS

Percentile

98.5%

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.

8.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.861 High

EPSS

Percentile

98.5%