CVE-2012-1940

2012-06-0600:00:00

ubuntu.com

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.047

Percentile

92.6%

JSON

Use-after-free vulnerability in the nsFrameList::FirstChild function in
Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5,
Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and
SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or
cause a denial of service (heap memory corruption and application crash) by
changing the size of a container of absolutely positioned elements in a
column.

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchfirefox< 13.0+build1-0ubuntu0.10.04.1UNKNOWN
ubuntu11.04noarchfirefox< 13.0+build1-0ubuntu0.11.04.1UNKNOWN
ubuntu11.10noarchfirefox< 13.0+build1-0ubuntu0.11.10.1UNKNOWN
ubuntu12.04noarchfirefox< 13.0+build1-0ubuntu0.12.04.1UNKNOWN
ubuntu10.04noarchthunderbird< 13.0.1+build1-0ubuntu0.10.04.1UNKNOWN
ubuntu11.04noarchthunderbird< 13.0.1+build1-0ubuntu0.11.04.1UNKNOWN
ubuntu11.10noarchthunderbird< 13.0.1+build1-0ubuntu0.11.10.1UNKNOWN
ubuntu12.04noarchthunderbird< 13.0.1+build1-0ubuntu0.12.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.04	noarch	firefox	< 13.0+build1-0ubuntu0.10.04.1	UNKNOWN
ubuntu	11.04	noarch	firefox	< 13.0+build1-0ubuntu0.11.04.1	UNKNOWN
ubuntu	11.10	noarch	firefox	< 13.0+build1-0ubuntu0.11.10.1	UNKNOWN
ubuntu	12.04	noarch	firefox	< 13.0+build1-0ubuntu0.12.04.1	UNKNOWN
ubuntu	10.04	noarch	thunderbird	< 13.0.1+build1-0ubuntu0.10.04.1	UNKNOWN
ubuntu	11.04	noarch	thunderbird	< 13.0.1+build1-0ubuntu0.11.04.1	UNKNOWN
ubuntu	11.10	noarch	thunderbird	< 13.0.1+build1-0ubuntu0.11.10.1	UNKNOWN
ubuntu	12.04	noarch	thunderbird	< 13.0.1+build1-0ubuntu0.12.04.1	UNKNOWN