ID CVE-2012-4202
Summary Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.
References
Vulnerable Configurations
  • Mozilla Firefox 16.0.2
    cpe:2.3:a:mozilla:firefox:16.0.2
  • Mozilla Firefox 16.0.1
    cpe:2.3:a:mozilla:firefox:16.0.1
  • Mozilla Firefox 16.0
    cpe:2.3:a:mozilla:firefox:16.0
  • Mozilla Firefox 15.0
    cpe:2.3:a:mozilla:firefox:15.0
  • Mozilla Firefox 15.0.1
    cpe:2.3:a:mozilla:firefox:15.0.1
  • Mozilla Firefox 14.0.1
    cpe:2.3:a:mozilla:firefox:14.0.1
  • Mozilla Firefox 14.0
    cpe:2.3:a:mozilla:firefox:14.0
  • Mozilla Firefox 13.0
    cpe:2.3:a:mozilla:firefox:13.0
  • Mozilla Firefox 13.0.1
    cpe:2.3:a:mozilla:firefox:13.0.1
  • Mozilla Firefox 12.0
    cpe:2.3:a:mozilla:firefox:12.0
  • Mozilla Firefox 12.0 beta6
    cpe:2.3:a:mozilla:firefox:12.0:beta6
  • Mozilla Firefox 11.0
    cpe:2.3:a:mozilla:firefox:11.0
  • Mozilla Firefox 10.0.2
    cpe:2.3:a:mozilla:firefox:10.0.2
  • Mozilla Firefox 10.0
    cpe:2.3:a:mozilla:firefox:10.0
  • Mozilla Firefox 10.0.1
    cpe:2.3:a:mozilla:firefox:10.0.1
  • Mozilla Firefox 9.0.1
    cpe:2.3:a:mozilla:firefox:9.0.1
  • Mozilla Firefox 9.0
    cpe:2.3:a:mozilla:firefox:9.0
  • Mozilla Firefox 8.0.1
    cpe:2.3:a:mozilla:firefox:8.0.1
  • Mozilla Firefox 8.0
    cpe:2.3:a:mozilla:firefox:8.0
  • Mozilla Firefox 7.0.1
    cpe:2.3:a:mozilla:firefox:7.0.1
  • Mozilla Firefox 7.0
    cpe:2.3:a:mozilla:firefox:7.0
  • Mozilla Firefox 6.0
    cpe:2.3:a:mozilla:firefox:6.0
  • Mozilla Firefox 6.0.2
    cpe:2.3:a:mozilla:firefox:6.0.2
  • Mozilla Firefox 6.0.1
    cpe:2.3:a:mozilla:firefox:6.0.1
  • Mozilla Firefox 5.0
    cpe:2.3:a:mozilla:firefox:5.0
  • Mozilla Firefox 5.0.1
    cpe:2.3:a:mozilla:firefox:5.0.1
  • Mozilla Firefox 4.0 beta12
    cpe:2.3:a:mozilla:firefox:4.0:beta12
  • Mozilla Firefox 4.0 beta11
    cpe:2.3:a:mozilla:firefox:4.0:beta11
  • Mozilla Firefox 4.0
    cpe:2.3:a:mozilla:firefox:4.0
  • Mozilla Firefox 4.0 beta5
    cpe:2.3:a:mozilla:firefox:4.0:beta5
  • Mozilla Firefox 4.0 beta3
    cpe:2.3:a:mozilla:firefox:4.0:beta3
  • Mozilla Firefox 4.0.1
    cpe:2.3:a:mozilla:firefox:4.0.1
  • Mozilla Firefox 4.0 beta4
    cpe:2.3:a:mozilla:firefox:4.0:beta4
  • Mozilla Firefox 4.0 beta2
    cpe:2.3:a:mozilla:firefox:4.0:beta2
  • Mozilla Firefox 4.0 beta1
    cpe:2.3:a:mozilla:firefox:4.0:beta1
  • Mozilla Firefox 4.0 beta10
    cpe:2.3:a:mozilla:firefox:4.0:beta10
  • Mozilla Firefox 4.0 beta6
    cpe:2.3:a:mozilla:firefox:4.0:beta6
  • Mozilla Firefox 4.0 beta7
    cpe:2.3:a:mozilla:firefox:4.0:beta7
  • Mozilla Firefox 4.0 beta8
    cpe:2.3:a:mozilla:firefox:4.0:beta8
  • Mozilla Firefox 4.0 beta9
    cpe:2.3:a:mozilla:firefox:4.0:beta9
  • Mozilla Firefox 3.0.14
    cpe:2.3:a:mozilla:firefox:3.0.14
  • Mozilla Firefox 3.6.4
    cpe:2.3:a:mozilla:firefox:3.6.4
  • Mozilla Firefox 3.5.10
    cpe:2.3:a:mozilla:firefox:3.5.10
  • Mozilla Firefox 3.6.20
    cpe:2.3:a:mozilla:firefox:3.6.20
  • Mozilla Firefox 3.0.1
    cpe:2.3:a:mozilla:firefox:3.0.1
  • Mozilla Firefox 3.6
    cpe:2.3:a:mozilla:firefox:3.6
  • Mozilla Firefox 3.6.21
    cpe:2.3:a:mozilla:firefox:3.6.21
  • Mozilla Firefox 3.6.22
    cpe:2.3:a:mozilla:firefox:3.6.22
  • Mozilla Firefox 3.6.2
    cpe:2.3:a:mozilla:firefox:3.6.2
  • Mozilla Firefox 3.6.25
    cpe:2.3:a:mozilla:firefox:3.6.25
  • Mozilla Firefox 3.6.24
    cpe:2.3:a:mozilla:firefox:3.6.24
  • Mozilla Firefox 3.6.3
    cpe:2.3:a:mozilla:firefox:3.6.3
  • Mozilla Firefox 3.6.11
    cpe:2.3:a:mozilla:firefox:3.6.11
  • Mozilla Firefox 3.5.14
    cpe:2.3:a:mozilla:firefox:3.5.14
  • Mozilla Firefox 3.5.12
    cpe:2.3:a:mozilla:firefox:3.5.12
  • Mozilla Firefox 3.0.3
    cpe:2.3:a:mozilla:firefox:3.0.3
  • Mozilla Firefox 3.5.13
    cpe:2.3:a:mozilla:firefox:3.5.13
  • Mozilla Firefox 3.0.5
    cpe:2.3:a:mozilla:firefox:3.0.5
  • Mozilla Firefox 3.6.23
    cpe:2.3:a:mozilla:firefox:3.6.23
  • Mozilla Firefox 3.5.1
    cpe:2.3:a:mozilla:firefox:3.5.1
  • Mozilla Firefox 3.0
    cpe:2.3:a:mozilla:firefox:3.0
  • Mozilla Firefox 3.0.11
    cpe:2.3:a:mozilla:firefox:3.0.11
  • Mozilla Firefox 3.6.10
    cpe:2.3:a:mozilla:firefox:3.6.10
  • Mozilla Firefox 3.6.9
    cpe:2.3:a:mozilla:firefox:3.6.9
  • Mozilla Firefox 3.0.12
    cpe:2.3:a:mozilla:firefox:3.0.12
  • Mozilla Firefox 3.6.13
    cpe:2.3:a:mozilla:firefox:3.6.13
  • Mozilla Firefox 3.5.7
    cpe:2.3:a:mozilla:firefox:3.5.7
  • Mozilla Firefox 3.6.19
    cpe:2.3:a:mozilla:firefox:3.6.19
  • Mozilla Firefox 3.6.12
    cpe:2.3:a:mozilla:firefox:3.6.12
  • Mozilla Firefox 3.6.8
    cpe:2.3:a:mozilla:firefox:3.6.8
  • Mozilla Firefox 3.6.18
    cpe:2.3:a:mozilla:firefox:3.6.18
  • Mozilla Firefox 3.6.6
    cpe:2.3:a:mozilla:firefox:3.6.6
  • Mozilla Firefox 3.0.17
    cpe:2.3:a:mozilla:firefox:3.0.17
  • Mozilla Firefox 3.6.15
    cpe:2.3:a:mozilla:firefox:3.6.15
  • Mozilla Firefox 3.6.7
    cpe:2.3:a:mozilla:firefox:3.6.7
  • Mozilla Firefox 3.6.16
    cpe:2.3:a:mozilla:firefox:3.6.16
  • Mozilla Firefox 3.6.14
    cpe:2.3:a:mozilla:firefox:3.6.14
  • Mozilla Firefox 3.5.11
    cpe:2.3:a:mozilla:firefox:3.5.11
  • Mozilla Firefox 3.0.7
    cpe:2.3:a:mozilla:firefox:3.0.7
  • Mozilla Firefox 3.5.8
    cpe:2.3:a:mozilla:firefox:3.5.8
  • Mozilla Firefox 3.0.16
    cpe:2.3:a:mozilla:firefox:3.0.16
  • Mozilla Firefox 3.5.15
    cpe:2.3:a:mozilla:firefox:3.5.15
  • Mozilla Firefox 3.0.6
    cpe:2.3:a:mozilla:firefox:3.0.6
  • Mozilla Firefox 3.0.10
    cpe:2.3:a:mozilla:firefox:3.0.10
  • Mozilla Firefox 3.5.2
    cpe:2.3:a:mozilla:firefox:3.5.2
  • Mozilla Firefox 3.0.8
    cpe:2.3:a:mozilla:firefox:3.0.8
  • Mozilla Firefox 3.6.17
    cpe:2.3:a:mozilla:firefox:3.6.17
  • Mozilla Firefox 3.0.9
    cpe:2.3:a:mozilla:firefox:3.0.9
  • Mozilla Firefox 3.0.4
    cpe:2.3:a:mozilla:firefox:3.0.4
  • Mozilla Firefox 3.0.13
    cpe:2.3:a:mozilla:firefox:3.0.13
  • Mozilla Firefox 3.5.3
    cpe:2.3:a:mozilla:firefox:3.5.3
  • Mozilla Firefox 3.5.9
    cpe:2.3:a:mozilla:firefox:3.5.9
  • Mozilla Firefox 3.5.4
    cpe:2.3:a:mozilla:firefox:3.5.4
  • Mozilla Firefox 3.5.5
    cpe:2.3:a:mozilla:firefox:3.5.5
  • Mozilla Firefox 3.0.15
    cpe:2.3:a:mozilla:firefox:3.0.15
  • Mozilla Firefox 3.5.6
    cpe:2.3:a:mozilla:firefox:3.5.6
  • Mozilla Firefox 3.0.2
    cpe:2.3:a:mozilla:firefox:3.0.2
  • Mozilla Firefox 3.5
    cpe:2.3:a:mozilla:firefox:3.5
  • Mozilla Firefox 2.0.0.14
    cpe:2.3:a:mozilla:firefox:2.0.0.14
  • Mozilla Firefox 2.0.0.12
    cpe:2.3:a:mozilla:firefox:2.0.0.12
  • Mozilla Firefox 2.0.0.19
    cpe:2.3:a:mozilla:firefox:2.0.0.19
  • Mozilla Firefox 2.0.0.20
    cpe:2.3:a:mozilla:firefox:2.0.0.20
  • Mozilla Firefox 2.0.0.8
    cpe:2.3:a:mozilla:firefox:2.0.0.8
  • Mozilla Firefox 2.0.0.9
    cpe:2.3:a:mozilla:firefox:2.0.0.9
  • Mozilla Firefox 2.0.0.17
    cpe:2.3:a:mozilla:firefox:2.0.0.17
  • Mozilla Firefox 2.0.0.10
    cpe:2.3:a:mozilla:firefox:2.0.0.10
  • Mozilla Firefox 2.0.0.16
    cpe:2.3:a:mozilla:firefox:2.0.0.16
  • Mozilla Firefox 2.0.0.11
    cpe:2.3:a:mozilla:firefox:2.0.0.11
  • Mozilla Firefox 2.0.0.15
    cpe:2.3:a:mozilla:firefox:2.0.0.15
  • Mozilla Firefox 2.0.0.13
    cpe:2.3:a:mozilla:firefox:2.0.0.13
  • Mozilla Firefox 2.0.0.7
    cpe:2.3:a:mozilla:firefox:2.0.0.7
  • Mozilla Firefox 2.0
    cpe:2.3:a:mozilla:firefox:2.0
  • Mozilla Firefox 2.0.0.18
    cpe:2.3:a:mozilla:firefox:2.0.0.18
  • Mozilla Firefox 2.0.0.6
    cpe:2.3:a:mozilla:firefox:2.0.0.6
  • Mozilla Firefox 2.0.0.5
    cpe:2.3:a:mozilla:firefox:2.0.0.5
  • Mozilla Firefox 2.0.0.4
    cpe:2.3:a:mozilla:firefox:2.0.0.4
  • Mozilla Firefox 2.0.0.3
    cpe:2.3:a:mozilla:firefox:2.0.0.3
  • Mozilla Firefox 2.0.0.2
    cpe:2.3:a:mozilla:firefox:2.0.0.2
  • Mozilla Firefox 2.0.0.1
    cpe:2.3:a:mozilla:firefox:2.0.0.1
  • Mozilla Firefox 1.0.1
    cpe:2.3:a:mozilla:firefox:1.0.1
  • Mozilla Firefox 1.0
    cpe:2.3:a:mozilla:firefox:1.0
  • Mozilla Firefox 1.0.3
    cpe:2.3:a:mozilla:firefox:1.0.3
  • Mozilla Firefox 1.0.2
    cpe:2.3:a:mozilla:firefox:1.0.2
  • Mozilla Firefox 1.0.5
    cpe:2.3:a:mozilla:firefox:1.0.5
  • Mozilla Firefox 1.0.4
    cpe:2.3:a:mozilla:firefox:1.0.4
  • Mozilla Firefox 1.0.7
    cpe:2.3:a:mozilla:firefox:1.0.7
  • Mozilla Firefox 1.0.6
    cpe:2.3:a:mozilla:firefox:1.0.6
  • Mozilla Firefox 1.5
    cpe:2.3:a:mozilla:firefox:1.5
  • Mozilla Firefox 1.0.8
    cpe:2.3:a:mozilla:firefox:1.0.8
  • Mozilla Firefox 1.4.1
    cpe:2.3:a:mozilla:firefox:1.4.1
  • Mozilla Firefox 1.0 Preview Release
    cpe:2.3:a:mozilla:firefox:1.0:preview_release
  • Mozilla Firefox 1.5.0.4
    cpe:2.3:a:mozilla:firefox:1.5.0.4
  • Mozilla Firefox 1.5.0.5
    cpe:2.3:a:mozilla:firefox:1.5.0.5
  • Mozilla Firefox 1.5.0.2
    cpe:2.3:a:mozilla:firefox:1.5.0.2
  • Mozilla Firefox 1.5.0.3
    cpe:2.3:a:mozilla:firefox:1.5.0.3
  • Mozilla Firefox 1.5.0.11
    cpe:2.3:a:mozilla:firefox:1.5.0.11
  • Mozilla Firefox 1.5.0.12
    cpe:2.3:a:mozilla:firefox:1.5.0.12
  • Mozilla Firefox 1.5.0.1
    cpe:2.3:a:mozilla:firefox:1.5.0.1
  • Mozilla Firefox 1.5 Beta 1
    cpe:2.3:a:mozilla:firefox:1.5:beta1
  • Mozilla Firefox 1.5.0.10
    cpe:2.3:a:mozilla:firefox:1.5.0.10
  • Mozilla Firefox 1.5.3
    cpe:2.3:a:mozilla:firefox:1.5.3
  • Mozilla Firefox 1.5.4
    cpe:2.3:a:mozilla:firefox:1.5.4
  • Mozilla Firefox 1.5.1
    cpe:2.3:a:mozilla:firefox:1.5.1
  • Mozilla Firefox 1.5.2
    cpe:2.3:a:mozilla:firefox:1.5.2
  • Mozilla Firefox 1.5.0.8
    cpe:2.3:a:mozilla:firefox:1.5.0.8
  • Mozilla Firefox 1.5.0.9
    cpe:2.3:a:mozilla:firefox:1.5.0.9
  • Mozilla Firefox 1.5.0.6
    cpe:2.3:a:mozilla:firefox:1.5.0.6
  • Mozilla Firefox 1.5.0.7
    cpe:2.3:a:mozilla:firefox:1.5.0.7
  • Mozilla Firefox 1.5 Beta 2
    cpe:2.3:a:mozilla:firefox:1.5:beta2
  • Mozilla Firefox 1.8
    cpe:2.3:a:mozilla:firefox:1.8
  • Mozilla Firefox 1.5.8
    cpe:2.3:a:mozilla:firefox:1.5.8
  • Mozilla Firefox 1.5.7
    cpe:2.3:a:mozilla:firefox:1.5.7
  • Mozilla Firefox 1.5.6
    cpe:2.3:a:mozilla:firefox:1.5.6
  • Mozilla Firefox 1.5.5
    cpe:2.3:a:mozilla:firefox:1.5.5
  • Mozilla Firefox 0.10
    cpe:2.3:a:mozilla:firefox:0.10
  • Mozilla Firefox 0.8
    cpe:2.3:a:mozilla:firefox:0.8
  • Mozilla Firefox 0.10.1
    cpe:2.3:a:mozilla:firefox:0.10.1
  • Mozilla Firefox 0.9.1
    cpe:2.3:a:mozilla:firefox:0.9.1
  • Mozilla Firefox 0.9
    cpe:2.3:a:mozilla:firefox:0.9
  • Mozilla Firefox 0.9.3
    cpe:2.3:a:mozilla:firefox:0.9.3
  • Mozilla Firefox 0.9.2
    cpe:2.3:a:mozilla:firefox:0.9.2
  • Mozilla Firefox 0.9 rc
    cpe:2.3:a:mozilla:firefox:0.9:rc
  • Mozilla Firefox 0.6.1
    cpe:2.3:a:mozilla:firefox:0.6.1
  • Mozilla Firefox 0.7
    cpe:2.3:a:mozilla:firefox:0.7
  • Mozilla Firefox 0.7.1
    cpe:2.3:a:mozilla:firefox:0.7.1
  • Mozilla Firefox 0.3
    cpe:2.3:a:mozilla:firefox:0.3
  • Mozilla Firefox 0.4
    cpe:2.3:a:mozilla:firefox:0.4
  • Mozilla Firefox 0.5
    cpe:2.3:a:mozilla:firefox:0.5
  • Mozilla Firefox 0.6
    cpe:2.3:a:mozilla:firefox:0.6
  • Mozilla Firefox 0.1
    cpe:2.3:a:mozilla:firefox:0.1
  • Mozilla Firefox 0.2
    cpe:2.3:a:mozilla:firefox:0.2
  • Mozilla Firefox Extended Support Release (ESR) 10.0
    cpe:2.3:a:mozilla:firefox_esr:10.0
  • Mozilla Firefox Extended Support Release (ESR) 10.1
    cpe:2.3:a:mozilla:firefox_esr:10.0.1
  • Mozilla Firefox Extended Support Release (ESR) 10.0.10
    cpe:2.3:a:mozilla:firefox_esr:10.0.10
  • Mozilla Firefox Extended Support Release (ESR) 10.0.2
    cpe:2.3:a:mozilla:firefox_esr:10.0.2
  • Mozilla Firefox Extended Support Release (ESR) 10.0.3
    cpe:2.3:a:mozilla:firefox_esr:10.0.3
  • Mozilla Firefox Extended Support Release (ESR) 10.0.4
    cpe:2.3:a:mozilla:firefox_esr:10.0.4
  • Mozilla Firefox Extended Support Release (ESR) 10.0.5
    cpe:2.3:a:mozilla:firefox_esr:10.0.5
  • Mozilla Firefox Extended Support Release (ESR) 10.0.6
    cpe:2.3:a:mozilla:firefox_esr:10.0.6
  • Mozilla Firefox Extended Support Release (ESR) 10.0.7
    cpe:2.3:a:mozilla:firefox_esr:10.0.7
  • Mozilla Firefox Extended Support Release (ESR) 10.0.8
    cpe:2.3:a:mozilla:firefox_esr:10.0.8
  • Mozilla Firefox Extended Support Release (ESR) 10.0.9
    cpe:2.3:a:mozilla:firefox_esr:10.0.9
  • Mozilla Thunderbird 16.0.2
    cpe:2.3:a:mozilla:thunderbird:16.0.2
  • Mozilla Thunderbird 16.0.1
    cpe:2.3:a:mozilla:thunderbird:16.0.1
  • Mozilla Thunderbird 16.0
    cpe:2.3:a:mozilla:thunderbird:16.0
  • Mozilla Thunderbird 15.0.1
    cpe:2.3:a:mozilla:thunderbird:15.0.1
  • Mozilla Thunderbird 15.0
    cpe:2.3:a:mozilla:thunderbird:15.0
  • Mozilla Thunderbird 14.0
    cpe:2.3:a:mozilla:thunderbird:14.0
  • Mozilla Thunderbird 13.0.1
    cpe:2.3:a:mozilla:thunderbird:13.0.1
  • Mozilla Thunderbird 13.0
    cpe:2.3:a:mozilla:thunderbird:13.0
  • Mozilla Thunderbird 12.0.1
    cpe:2.3:a:mozilla:thunderbird:12.0.1
  • Mozilla Thunderbird 12.0
    cpe:2.3:a:mozilla:thunderbird:12.0
  • Mozilla Thunderbird 11.0.1
    cpe:2.3:a:mozilla:thunderbird:11.0.1
  • Mozilla Thunderbird 11.0
    cpe:2.3:a:mozilla:thunderbird:11.0
  • Mozilla Thunderbird 10.0.2
    cpe:2.3:a:mozilla:thunderbird:10.0.2
  • Mozilla Thunderbird 10.0.3
    cpe:2.3:a:mozilla:thunderbird:10.0.3
  • Mozilla Thunderbird 10.0.4
    cpe:2.3:a:mozilla:thunderbird:10.0.4
  • Mozilla Thunderbird 10.0.1
    cpe:2.3:a:mozilla:thunderbird:10.0.1
  • Mozilla Thunderbird 10.0
    cpe:2.3:a:mozilla:thunderbird:10.0
  • Mozilla Thunderbird 9.0.1
    cpe:2.3:a:mozilla:thunderbird:9.0.1
  • Mozilla Thunderbird 9.0
    cpe:2.3:a:mozilla:thunderbird:9.0
  • Mozilla Thunderbird 8.0
    cpe:2.3:a:mozilla:thunderbird:8.0
  • Mozilla Thunderbird 7.0.1
    cpe:2.3:a:mozilla:thunderbird:7.0.1
  • Mozilla Thunderbird 7.0
    cpe:2.3:a:mozilla:thunderbird:7.0
  • Mozilla Thunderbird 6.0
    cpe:2.3:a:mozilla:thunderbird:6.0
  • Mozilla Thunderbird 6.0.1
    cpe:2.3:a:mozilla:thunderbird:6.0.1
  • Mozilla Thunderbird 6.0.2
    cpe:2.3:a:mozilla:thunderbird:6.0.2
  • Mozilla Thunderbird 5.0
    cpe:2.3:a:mozilla:thunderbird:5.0
  • Mozilla Thunderbird 3.0
    cpe:2.3:a:mozilla:thunderbird:3.0
  • Mozilla Thunderbird 3.0.5
    cpe:2.3:a:mozilla:thunderbird:3.0.5
  • Mozilla Thunderbird 3.1.15
    cpe:2.3:a:mozilla:thunderbird:3.1.15
  • Mozilla Thunderbird 3.1.16
    cpe:2.3:a:mozilla:thunderbird:3.1.16
  • Mozilla Thunderbird 3.0.2
    cpe:2.3:a:mozilla:thunderbird:3.0.2
  • Mozilla Thunderbird 3.0.3
    cpe:2.3:a:mozilla:thunderbird:3.0.3
  • Mozilla Thunderbird 3.0.1
    cpe:2.3:a:mozilla:thunderbird:3.0.1
  • Mozilla Thunderbird 3.1.14
    cpe:2.3:a:mozilla:thunderbird:3.1.14
  • Mozilla Thunderbird 3.1.13
    cpe:2.3:a:mozilla:thunderbird:3.1.13
  • Mozilla Thunderbird 3.1.12
    cpe:2.3:a:mozilla:thunderbird:3.1.12
  • Mozilla Thunderbird 3.0.8
    cpe:2.3:a:mozilla:thunderbird:3.0.8
  • Mozilla Thunderbird 3.0.7
    cpe:2.3:a:mozilla:thunderbird:3.0.7
  • Mozilla Thunderbird 3.1.4
    cpe:2.3:a:mozilla:thunderbird:3.1.4
  • Mozilla Thunderbird 3.1.7
    cpe:2.3:a:mozilla:thunderbird:3.1.7
  • Mozilla Thunderbird 3.1.3
    cpe:2.3:a:mozilla:thunderbird:3.1.3
  • Mozilla Thunderbird 3.0.11
    cpe:2.3:a:mozilla:thunderbird:3.0.11
  • Mozilla Thunderbird 3.1.6
    cpe:2.3:a:mozilla:thunderbird:3.1.6
  • Mozilla Thunderbird 3.1.5
    cpe:2.3:a:mozilla:thunderbird:3.1.5
  • Mozilla Thunderbird 3.0.9
    cpe:2.3:a:mozilla:thunderbird:3.0.9
  • Mozilla Thunderbird 3.1.2
    cpe:2.3:a:mozilla:thunderbird:3.1.2
  • Mozilla Thunderbird 3.0.6
    cpe:2.3:a:mozilla:thunderbird:3.0.6
  • Mozilla Thunderbird 3.1.1
    cpe:2.3:a:mozilla:thunderbird:3.1.1
  • Mozilla Thunderbird 3.1
    cpe:2.3:a:mozilla:thunderbird:3.1
  • Mozilla Thunderbird 3.0.10
    cpe:2.3:a:mozilla:thunderbird:3.0.10
  • Mozilla Thunderbird 3.1.8
    cpe:2.3:a:mozilla:thunderbird:3.1.8
  • Mozilla Thunderbird 3.1.10
    cpe:2.3:a:mozilla:thunderbird:3.1.10
  • Mozilla Thunderbird 3.1.9
    cpe:2.3:a:mozilla:thunderbird:3.1.9
  • Mozilla Thunderbird 3.1.11
    cpe:2.3:a:mozilla:thunderbird:3.1.11
  • Mozilla Thunderbird 3.0.4
    cpe:2.3:a:mozilla:thunderbird:3.0.4
  • Mozilla Thunderbird 3.1.17
    cpe:2.3:a:mozilla:thunderbird:3.1.17
  • Mozilla Thunderbird 2.0.0.1
    cpe:2.3:a:mozilla:thunderbird:2.0.0.1
  • Mozilla Thunderbird 2.0.0.0
    cpe:2.3:a:mozilla:thunderbird:2.0.0.0
  • Mozilla Thunderbird 2.0.0.3
    cpe:2.3:a:mozilla:thunderbird:2.0.0.3
  • Mozilla Thunderbird 2.0.0.2
    cpe:2.3:a:mozilla:thunderbird:2.0.0.2
  • Mozilla Thunderbird 2.0.0.19
    cpe:2.3:a:mozilla:thunderbird:2.0.0.19
  • Mozilla Thunderbird 2.0.0.12
    cpe:2.3:a:mozilla:thunderbird:2.0.0.12
  • Mozilla Thunderbird 2.0.0.5
    cpe:2.3:a:mozilla:thunderbird:2.0.0.5
  • Mozilla Thunderbird 2.0.0.4
    cpe:2.3:a:mozilla:thunderbird:2.0.0.4
  • Mozilla Thunderbird 2.0.0.8
    cpe:2.3:a:mozilla:thunderbird:2.0.0.8
  • Mozilla Thunderbird 2.0.0.11
    cpe:2.3:a:mozilla:thunderbird:2.0.0.11
  • Mozilla Thunderbird 2.0.0.7
    cpe:2.3:a:mozilla:thunderbird:2.0.0.7
  • Mozilla Thunderbird 2.0
    cpe:2.3:a:mozilla:thunderbird:2.0
  • Mozilla Thunderbird 2.0.0.20
    cpe:2.3:a:mozilla:thunderbird:2.0.0.20
  • Mozilla Thunderbird 2.0.0.21
    cpe:2.3:a:mozilla:thunderbird:2.0.0.21
  • Mozilla Thunderbird 2.0.0.16
    cpe:2.3:a:mozilla:thunderbird:2.0.0.16
  • Mozilla Thunderbird 2.0.0.15
    cpe:2.3:a:mozilla:thunderbird:2.0.0.15
  • Mozilla Thunderbird 2.0.0.14
    cpe:2.3:a:mozilla:thunderbird:2.0.0.14
  • Mozilla Thunderbird 2.0.0.17
    cpe:2.3:a:mozilla:thunderbird:2.0.0.17
  • Mozilla Thunderbird 2.0.0.13
    cpe:2.3:a:mozilla:thunderbird:2.0.0.13
  • Mozilla Thunderbird 2.0.0.22
    cpe:2.3:a:mozilla:thunderbird:2.0.0.22
  • Mozilla Thunderbird 2.0.0.9
    cpe:2.3:a:mozilla:thunderbird:2.0.0.9
  • Mozilla Thunderbird 2.0.0.23
    cpe:2.3:a:mozilla:thunderbird:2.0.0.23
  • Mozilla Thunderbird 2.0.0.6
    cpe:2.3:a:mozilla:thunderbird:2.0.0.6
  • Mozilla Thunderbird 2.0.0.18
    cpe:2.3:a:mozilla:thunderbird:2.0.0.18
  • Mozilla Thunderbird 1.5.0.9
    cpe:2.3:a:mozilla:thunderbird:1.5.0.9
  • Mozilla Thunderbird 1.5.0.8
    cpe:2.3:a:mozilla:thunderbird:1.5.0.8
  • Mozilla Thunderbird 1.5.2
    cpe:2.3:a:mozilla:thunderbird:1.5.2
  • Mozilla Thunderbird 1.5.1
    cpe:2.3:a:mozilla:thunderbird:1.5.1
  • Mozilla Thunderbird 1.0.6
    cpe:2.3:a:mozilla:thunderbird:1.0.6
  • Mozilla Thunderbird 1.0.7
    cpe:2.3:a:mozilla:thunderbird:1.0.7
  • Mozilla Thunderbird 1.0.8
    cpe:2.3:a:mozilla:thunderbird:1.0.8
  • Mozilla Thunderbird 1.5
    cpe:2.3:a:mozilla:thunderbird:1.5
  • Mozilla Thunderbird 1.0.2
    cpe:2.3:a:mozilla:thunderbird:1.0.2
  • Mozilla Thunderbird 1.0.3
    cpe:2.3:a:mozilla:thunderbird:1.0.3
  • Mozilla Thunderbird 1.0.4
    cpe:2.3:a:mozilla:thunderbird:1.0.4
  • Mozilla Thunderbird 1.0.5
    cpe:2.3:a:mozilla:thunderbird:1.0.5
  • Mozilla Thunderbird 1.5.0.3
    cpe:2.3:a:mozilla:thunderbird:1.5.0.3
  • Mozilla Thunderbird 1.5.0.4
    cpe:2.3:a:mozilla:thunderbird:1.5.0.4
  • Mozilla Thunderbird 1.5.0.6
    cpe:2.3:a:mozilla:thunderbird:1.5.0.6
  • Mozilla Thunderbird 1.5.0.7
    cpe:2.3:a:mozilla:thunderbird:1.5.0.7
  • Mozilla Thunderbird 1.5.0.1
    cpe:2.3:a:mozilla:thunderbird:1.5.0.1
  • Mozilla Thunderbird 1.5.0.10
    cpe:2.3:a:mozilla:thunderbird:1.5.0.10
  • Mozilla Thunderbird 1.5.0.11
    cpe:2.3:a:mozilla:thunderbird:1.5.0.11
  • Mozilla Thunderbird 1.5.0.2
    cpe:2.3:a:mozilla:thunderbird:1.5.0.2
  • Mozilla Thunderbird 1.0.5 Beta
    cpe:2.3:a:mozilla:thunderbird:1.0.5:beta
  • Mozilla Thunderbird 1.5.0.12
    cpe:2.3:a:mozilla:thunderbird:1.5.0.12
  • Mozilla Thunderbird 1.5.0.5
    cpe:2.3:a:mozilla:thunderbird:1.5.0.5
  • Mozilla Mozilla Mail 1.7.1
    cpe:2.3:a:mozilla:thunderbird:1.7.1
  • Mozilla Mozilla Mail 1.7.3
    cpe:2.3:a:mozilla:thunderbird:1.7.3
  • Mozilla Thunderbird 1.5.0.13
    cpe:2.3:a:mozilla:thunderbird:1.5.0.13
  • Mozilla Thunderbird 1.5.0.14
    cpe:2.3:a:mozilla:thunderbird:1.5.0.14
  • Mozilla Thunderbird 1.5 Beta 2
    cpe:2.3:a:mozilla:thunderbird:1.5:beta2
  • Mozilla Thunderbird 1.0
    cpe:2.3:a:mozilla:thunderbird:1.0
  • Mozilla Thunderbird 1.0.1
    cpe:2.3:a:mozilla:thunderbird:1.0.1
  • Mozilla Thunderbird 0.7.2
    cpe:2.3:a:mozilla:thunderbird:0.7.2
  • Mozilla Thunderbird 0.7.3
    cpe:2.3:a:mozilla:thunderbird:0.7.3
  • Mozilla Thunderbird 0.7
    cpe:2.3:a:mozilla:thunderbird:0.7
  • Mozilla Thunderbird 0.7.1
    cpe:2.3:a:mozilla:thunderbird:0.7.1
  • Mozilla Thunderbird 0.8
    cpe:2.3:a:mozilla:thunderbird:0.8
  • Mozilla Thunderbird 0.9
    cpe:2.3:a:mozilla:thunderbird:0.9
  • Mozilla Thunderbird 0.1
    cpe:2.3:a:mozilla:thunderbird:0.1
  • Mozilla Thunderbird 0.2
    cpe:2.3:a:mozilla:thunderbird:0.2
  • Mozilla Thunderbird 0.5
    cpe:2.3:a:mozilla:thunderbird:0.5
  • Mozilla Thunderbird 0.6
    cpe:2.3:a:mozilla:thunderbird:0.6
  • Mozilla Thunderbird 0.3
    cpe:2.3:a:mozilla:thunderbird:0.3
  • Mozilla Thunderbird 0.4
    cpe:2.3:a:mozilla:thunderbird:0.4
  • Mozilla Thunderbird Extended Support Release (ESR) 10.0.3
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.3
  • Mozilla Thunderbird Extended Support Release (ESR) 10.0.4
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.4
  • Mozilla Thunderbird Extended Support Release (ESR) 10.0.9
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.9
  • Mozilla Thunderbird Extended Support Release (ESR) 10.0.8
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.8
  • Mozilla Thunderbird Extended Support Release (ESR) 10.0.7
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.7
  • Mozilla Thunderbird Extended Support Release (ESR) 10.0.10
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.10
  • Mozilla Thunderbird Extended Support Release (ESR) 10.0.5
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.5
  • Mozilla Thunderbird Extended Support Release (ESR) 10.0
    cpe:2.3:a:mozilla:thunderbird_esr:10.0
  • Mozilla Thunderbird Extended Support Release (ESR) 10.0.1
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.1
  • Mozilla Thunderbird Extended Support Release (ESR) 10.0.2
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.2
  • Mozilla Thunderbird Extended Support Release (ESR) 10.0.6
    cpe:2.3:a:mozilla:thunderbird_esr:10.0.6
  • Mozilla Seamonkey 2.13.2
    cpe:2.3:a:mozilla:seamonkey:2.13.2
  • Mozilla Seamonkey 2.14 beta1
    cpe:2.3:a:mozilla:seamonkey:2.14:beta1
  • Mozilla Seamonkey 2.14 beta2
    cpe:2.3:a:mozilla:seamonkey:2.14:beta2
  • Mozilla Seamonkey 2.14 beta3
    cpe:2.3:a:mozilla:seamonkey:2.14:beta3
  • Mozilla Seamonkey 2.14 beta4
    cpe:2.3:a:mozilla:seamonkey:2.14:beta4
  • Mozilla Seamonkey 2.14 beta5
    cpe:2.3:a:mozilla:seamonkey:2.14:beta5
  • Mozilla SeaMonkey 2.0.11
    cpe:2.3:a:mozilla:seamonkey:2.0.11
  • Mozilla SeaMonkey 2.0.6
    cpe:2.3:a:mozilla:seamonkey:2.0.6
  • Mozilla SeaMonkey 2.0.5
    cpe:2.3:a:mozilla:seamonkey:2.0.5
  • Mozilla SeaMonkey 2.0.2
    cpe:2.3:a:mozilla:seamonkey:2.0.2
  • Mozilla SeaMonkey 2.0.1
    cpe:2.3:a:mozilla:seamonkey:2.0.1
  • Mozilla SeaMonkey 2.5
    cpe:2.3:a:mozilla:seamonkey:2.5
  • Mozilla SeaMonkey 2.0.12
    cpe:2.3:a:mozilla:seamonkey:2.0.12
  • Mozilla SeaMonkey 2.0.13
    cpe:2.3:a:mozilla:seamonkey:2.0.13
  • Mozilla SeaMonkey 2.0.14
    cpe:2.3:a:mozilla:seamonkey:2.0.14
  • Mozilla SeaMonkey 2.10
    cpe:2.3:a:mozilla:seamonkey:2.10
  • Mozilla SeaMonkey 2.0.3
    cpe:2.3:a:mozilla:seamonkey:2.0.3
  • Mozilla SeaMonkey 2.0
    cpe:2.3:a:mozilla:seamonkey:2.0
  • Mozilla SeaMonkey 2.0.4
    cpe:2.3:a:mozilla:seamonkey:2.0.4
  • Mozilla SeaMonkey 2.0 RC2
    cpe:2.3:a:mozilla:seamonkey:2.0:rc2
  • Mozilla SeaMonkey 2.0 Alpha 2
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2
  • Mozilla SeaMonkey 2.0 Alpha 1
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1
  • Mozilla SeaMonkey 2.0 RC1
    cpe:2.3:a:mozilla:seamonkey:2.0:rc1
  • Mozilla SeaMonkey 2.0 Beta 2
    cpe:2.3:a:mozilla:seamonkey:2.0:beta_2
  • Mozilla SeaMonkey 2.0 Beta 1
    cpe:2.3:a:mozilla:seamonkey:2.0:beta_1
  • Mozilla SeaMonkey 2.0 Alpha 3
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3
  • Mozilla SeaMonkey 2.11 beta4
    cpe:2.3:a:mozilla:seamonkey:2.11:beta4
  • Mozilla SeaMonkey 2.11 beta3
    cpe:2.3:a:mozilla:seamonkey:2.11:beta3
  • Mozilla SeaMonkey 2.11 beta2
    cpe:2.3:a:mozilla:seamonkey:2.11:beta2
  • Mozilla SeaMonkey 2.11 beta1
    cpe:2.3:a:mozilla:seamonkey:2.11:beta1
  • Mozilla SeaMonkey 2.10.1
    cpe:2.3:a:mozilla:seamonkey:2.10.1
  • Mozilla SeaMonkey 2.10 beta3
    cpe:2.3:a:mozilla:seamonkey:2.10:beta3
  • Mozilla SeaMonkey 2.10 beta2
    cpe:2.3:a:mozilla:seamonkey:2.10:beta2
  • Mozilla SeaMonkey 2.10 beta1
    cpe:2.3:a:mozilla:seamonkey:2.10:beta1
  • Mozilla SeaMonkey 2.13 beta1
    cpe:2.3:a:mozilla:seamonkey:2.13:beta1
  • Mozilla SeaMonkey 2.13 beta2
    cpe:2.3:a:mozilla:seamonkey:2.13:beta2
  • Mozilla SeaMonkey 2.13 beta3
    cpe:2.3:a:mozilla:seamonkey:2.13:beta3
  • Mozilla SeaMonkey 2.13 beta4
    cpe:2.3:a:mozilla:seamonkey:2.13:beta4
  • Mozilla SeaMonkey 2.13 beta5
    cpe:2.3:a:mozilla:seamonkey:2.13:beta5
  • Mozilla SeaMonkey 2.13 beta6
    cpe:2.3:a:mozilla:seamonkey:2.13:beta6
  • Mozilla SeaMonkey 2.11 beta6
    cpe:2.3:a:mozilla:seamonkey:2.11:beta6
  • Mozilla SeaMonkey 2.11 beta5
    cpe:2.3:a:mozilla:seamonkey:2.11:beta5
  • Mozilla SeaMonkey 2.0.8
    cpe:2.3:a:mozilla:seamonkey:2.0.8
  • Mozilla SeaMonkey 2.12.1
    cpe:2.3:a:mozilla:seamonkey:2.12.1
  • Mozilla SeaMonkey 2.0.7
    cpe:2.3:a:mozilla:seamonkey:2.0.7
  • Mozilla SeaMonkey 2.12 beta5
    cpe:2.3:a:mozilla:seamonkey:2.12:beta5
  • Mozilla SeaMonkey 2.12 beta6
    cpe:2.3:a:mozilla:seamonkey:2.12:beta6
  • Mozilla SeaMonkey 2.12 beta3
    cpe:2.3:a:mozilla:seamonkey:2.12:beta3
  • Mozilla SeaMonkey 2.12 beta4
    cpe:2.3:a:mozilla:seamonkey:2.12:beta4
  • Mozilla SeaMonkey 2.12 beta1
    cpe:2.3:a:mozilla:seamonkey:2.12:beta1
  • Mozilla SeaMonkey 2.12 beta2
    cpe:2.3:a:mozilla:seamonkey:2.12:beta2
  • Mozilla SeaMonkey 2.1 alpha1
    cpe:2.3:a:mozilla:seamonkey:2.1:alpha1
  • Mozilla SeaMonkey 2.1 alpha3
    cpe:2.3:a:mozilla:seamonkey:2.1:alpha3
  • Mozilla SeaMonkey 2.0.9
    cpe:2.3:a:mozilla:seamonkey:2.0.9
  • Mozilla SeaMonkey 2.1 alpha2
    cpe:2.3:a:mozilla:seamonkey:2.1:alpha2
  • Mozilla SeaMonkey 2.7.1
    cpe:2.3:a:mozilla:seamonkey:2.7.1
  • Mozilla SeaMonkey 2.8
    cpe:2.3:a:mozilla:seamonkey:2.8
  • Mozilla SeaMonkey 2.7.2
    cpe:2.3:a:mozilla:seamonkey:2.7.2
  • Mozilla SeaMonkey 2.3.3
    cpe:2.3:a:mozilla:seamonkey:2.3.3
  • Mozilla SeaMonkey 2.8 Beta 1
    cpe:2.3:a:mozilla:seamonkey:2.8:beta1
  • Mozilla SeaMonkey 2.8 Beta 3
    cpe:2.3:a:mozilla:seamonkey:2.8:beta3
  • Mozilla SeaMonkey 2.8 Beta 2
    cpe:2.3:a:mozilla:seamonkey:2.8:beta2
  • Mozilla SeaMonkey 2.8 Beta 4
    cpe:2.3:a:mozilla:seamonkey:2.8:beta4
  • Mozilla SeaMonkey 2.4
    cpe:2.3:a:mozilla:seamonkey:2.4
  • Mozilla SeaMonkey 2.4.1
    cpe:2.3:a:mozilla:seamonkey:2.4.1
  • Mozilla SeaMonkey 2.5 Beta 1
    cpe:2.3:a:mozilla:seamonkey:2.5:beta1
  • Mozilla SeaMonkey 2.5 Beta 3
    cpe:2.3:a:mozilla:seamonkey:2.5:beta3
  • Mozilla SeaMonkey 2.5 Beta 2
    cpe:2.3:a:mozilla:seamonkey:2.5:beta2
  • Mozilla SeaMonkey 2.6 Beta 1
    cpe:2.3:a:mozilla:seamonkey:2.6:beta1
  • Mozilla SeaMonkey 2.5 Beta 4
    cpe:2.3:a:mozilla:seamonkey:2.5:beta4
  • Mozilla SeaMonkey 2.3 Beta 3
    cpe:2.3:a:mozilla:seamonkey:2.3:beta3
  • Mozilla SeaMonkey 2.3 Beta 2
    cpe:2.3:a:mozilla:seamonkey:2.3:beta2
  • Mozilla SeaMonkey 2.3.1
    cpe:2.3:a:mozilla:seamonkey:2.3.1
  • Mozilla SeaMonkey 2.0.10
    cpe:2.3:a:mozilla:seamonkey:2.0.10
  • Mozilla SeaMonkey 2.3
    cpe:2.3:a:mozilla:seamonkey:2.3
  • Mozilla SeaMonkey 2.4 Beta 1
    cpe:2.3:a:mozilla:seamonkey:2.4:beta1
  • Mozilla SeaMonkey 2.3.2
    cpe:2.3:a:mozilla:seamonkey:2.3.2
  • Mozilla SeaMonkey 2.4 Beta 3
    cpe:2.3:a:mozilla:seamonkey:2.4:beta3
  • Mozilla SeaMonkey 2.13.1
    cpe:2.3:a:mozilla:seamonkey:2.13.1
  • Mozilla SeaMonkey 2.4 Beta 2
    cpe:2.3:a:mozilla:seamonkey:2.4:beta2
  • Mozilla SeaMonkey 2.7 Beta 4
    cpe:2.3:a:mozilla:seamonkey:2.7:beta4
  • Mozilla SeaMonkey 2.7 Beta 5
    cpe:2.3:a:mozilla:seamonkey:2.7:beta5
  • Mozilla SeaMonkey 2.6 Beta 2
    cpe:2.3:a:mozilla:seamonkey:2.6:beta2
  • Mozilla SeaMonkey 2.6 Beta 3
    cpe:2.3:a:mozilla:seamonkey:2.6:beta3
  • Mozilla SeaMonkey 2.6 Beta 4
    cpe:2.3:a:mozilla:seamonkey:2.6:beta4
  • Mozilla SeaMonkey 2.6
    cpe:2.3:a:mozilla:seamonkey:2.6
  • Mozilla SeaMonkey 2.6.1
    cpe:2.3:a:mozilla:seamonkey:2.6.1
  • Mozilla SeaMonkey 2.7 Beta 1
    cpe:2.3:a:mozilla:seamonkey:2.7:beta1
  • Mozilla SeaMonkey 2.7 Beta 2
    cpe:2.3:a:mozilla:seamonkey:2.7:beta2
  • Mozilla SeaMonkey 2.7 Beta 3
    cpe:2.3:a:mozilla:seamonkey:2.7:beta3
  • Mozilla SeaMonkey 2.7
    cpe:2.3:a:mozilla:seamonkey:2.7
  • Mozilla SeaMonkey 2.12
    cpe:2.3:a:mozilla:seamonkey:2.12
  • Mozilla SeaMonkey 2.1
    cpe:2.3:a:mozilla:seamonkey:2.1
  • Mozilla SeaMonkey 2.2 Beta 1
    cpe:2.3:a:mozilla:seamonkey:2.2:beta1
  • Mozilla SeaMonkey 2.1 Release Candidate 1
    cpe:2.3:a:mozilla:seamonkey:2.1:rc1
  • Mozilla SeaMonkey 2.1 Release Candidate 2
    cpe:2.3:a:mozilla:seamonkey:2.1:rc2
  • Mozilla SeaMonkey 2.2
    cpe:2.3:a:mozilla:seamonkey:2.2
  • Mozilla SeaMonkey 2.11
    cpe:2.3:a:mozilla:seamonkey:2.11
  • Mozilla SeaMonkey 2.3 Beta1
    cpe:2.3:a:mozilla:seamonkey:2.3:beta1
  • Mozilla SeaMonkey 2.2 Beta 2
    cpe:2.3:a:mozilla:seamonkey:2.2:beta2
  • Mozilla SeaMonkey 2.2 Beta 3
    cpe:2.3:a:mozilla:seamonkey:2.2:beta3
  • Mozilla SeaMonkey 2.1 Beta 2
    cpe:2.3:a:mozilla:seamonkey:2.1:beta2
  • Mozilla SeaMonkey 2.1 Beta 3
    cpe:2.3:a:mozilla:seamonkey:2.1:beta3
  • Mozilla SeaMonkey 2.1 Beta 1
    cpe:2.3:a:mozilla:seamonkey:2.1:beta1
  • Mozilla SeaMonkey 2.9.1
    cpe:2.3:a:mozilla:seamonkey:2.9.1
  • Mozilla SeaMonkey 2.9 beta4
    cpe:2.3:a:mozilla:seamonkey:2.9:beta4
  • Mozilla SeaMonkey 2.8 Beta 6
    cpe:2.3:a:mozilla:seamonkey:2.8:beta6
  • Mozilla SeaMonkey 2.9 Beta 2
    cpe:2.3:a:mozilla:seamonkey:2.9:beta2
  • Mozilla SeaMonkey 2.9 Beta 1
    cpe:2.3:a:mozilla:seamonkey:2.9:beta1
  • Mozilla SeaMonkey 2.9
    cpe:2.3:a:mozilla:seamonkey:2.9
  • Mozilla SeaMonkey 2.9 Beta 3
    cpe:2.3:a:mozilla:seamonkey:2.9:beta3
  • Mozilla SeaMonkey 2.8 Beta 5
    cpe:2.3:a:mozilla:seamonkey:2.8:beta5
  • Mozilla SeaMonkey 1.1.17
    cpe:2.3:a:mozilla:seamonkey:1.1.17
  • Mozilla SeaMonkey 1.1.16
    cpe:2.3:a:mozilla:seamonkey:1.1.16
  • Mozilla Seamonkey 1.1.1
    cpe:2.3:a:mozilla:seamonkey:1.1.1
  • Mozilla SeaMonkey 1.1.14
    cpe:2.3:a:mozilla:seamonkey:1.1.14
  • Mozilla SeaMonkey 1.1.15
    cpe:2.3:a:mozilla:seamonkey:1.1.15
  • Mozilla SeaMonkey 1.1.11
    cpe:2.3:a:mozilla:seamonkey:1.1.11
  • Mozilla SeaMonkey 1.1.12
    cpe:2.3:a:mozilla:seamonkey:1.1.12
  • Mozilla SeaMonkey 1.1 alpha
    cpe:2.3:a:mozilla:seamonkey:1.1:alpha
  • Mozilla SeaMonkey 1.0 alpha
    cpe:2.3:a:mozilla:seamonkey:1.0:alpha
  • Mozilla SeaMonkey 1.1.10
    cpe:2.3:a:mozilla:seamonkey:1.1.10
  • Mozilla SeaMonkey 1.0 beta
    cpe:2.3:a:mozilla:seamonkey:1.0:beta
  • Mozilla Seamonkey 1.1.4
    cpe:2.3:a:mozilla:seamonkey:1.1.4
  • Mozilla Seamonkey 1.1.5
    cpe:2.3:a:mozilla:seamonkey:1.1.5
  • Mozilla Seamonkey 1.1.19
    cpe:2.3:a:mozilla:seamonkey:1.1.19
  • Mozilla Seamonkey 1.1.18
    cpe:2.3:a:mozilla:seamonkey:1.1.18
  • Mozilla SeaMonkey 1.1.8
    cpe:2.3:a:mozilla:seamonkey:1.1.8
  • Mozilla Seamonkey 1.1.7
    cpe:2.3:a:mozilla:seamonkey:1.1.7
  • Mozilla Seamonkey 1.1.6
    cpe:2.3:a:mozilla:seamonkey:1.1.6
  • Mozilla SeaMonkey 1.1.9
    cpe:2.3:a:mozilla:seamonkey:1.1.9
  • Mozilla SeaMonkey 1.5.0.8
    cpe:2.3:a:mozilla:seamonkey:1.5.0.8
  • Mozilla SeaMonkey 1.5.0.9
    cpe:2.3:a:mozilla:seamonkey:1.5.0.9
  • Mozilla SeaMonkey 1.0.9
    cpe:2.3:a:mozilla:seamonkey:1.0.9
  • Mozilla SeaMonkey 1.0.8
    cpe:2.3:a:mozilla:seamonkey:1.0.8
  • Mozilla SeaMonkey 1.0.7
    cpe:2.3:a:mozilla:seamonkey:1.0.7
  • Mozilla SeaMonkey 1.0.6
    cpe:2.3:a:mozilla:seamonkey:1.0.6
  • Mozilla SeaMonkey 1.5.0.10
    cpe:2.3:a:mozilla:seamonkey:1.5.0.10
  • Mozilla Seamonkey 1.1.3
    cpe:2.3:a:mozilla:seamonkey:1.1.3
  • Mozilla Seamonkey 1.1.2
    cpe:2.3:a:mozilla:seamonkey:1.1.2
  • Mozilla SeaMonkey 1.1.13
    cpe:2.3:a:mozilla:seamonkey:1.1.13
  • Mozilla SeaMonkey 1.1
    cpe:2.3:a:mozilla:seamonkey:1.1
  • Mozilla SeaMonkey 1.0.1
    cpe:2.3:a:mozilla:seamonkey:1.0.1
  • Mozilla SeaMonkey 1.0
    cpe:2.3:a:mozilla:seamonkey:1.0
  • Mozilla SeaMonkey 1.1 beta
    cpe:2.3:a:mozilla:seamonkey:1.1:beta
  • Mozilla SeaMonkey 1.0.5
    cpe:2.3:a:mozilla:seamonkey:1.0.5
  • Mozilla SeaMonkey 1.0.4
    cpe:2.3:a:mozilla:seamonkey:1.0.4
  • Mozilla SeaMonkey 1.0.3
    cpe:2.3:a:mozilla:seamonkey:1.0.3
  • Mozilla SeaMonkey 1.0.2
    cpe:2.3:a:mozilla:seamonkey:1.0.2
  • Mozilla SeaMonkey 2.13
    cpe:2.3:a:mozilla:seamonkey:2.13
CVSS
Base: 9.3 (as of 21-11-2012 - 08:57)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1636-1.NASL
    description Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. (CVE-2012-5842, CVE-2012-5843) Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Thunderbird. (CVE-2012-4202) It was discovered that the evalInSandbox function's JavaScript sandbox context could be circumvented. An attacker could exploit this to perform a cross-site scripting (XSS) attack or steal a copy of a local file if the user has installed an add-on vulnerable to this attack. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page and had JavaScript enabled, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-4201) Jonathan Stephens discovered that combining vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text could cause Thunderbird to crash. If a user were tricked into opening a malicious E-Mail, an attacker could cause a denial of service via application crash or execute arbitrary code with the privliges of the user invoking the program. (CVE-2012-5836) Scott Bell discovered a memory corruption issue in the JavaScript engine. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit this to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. (CVE-2012-4204) Gabor Krizsanits discovered that XMLHttpRequest objects created within sandboxes have the system principal instead of the sandbox principal. This can lead to cross-site request forgery (CSRF) or information theft via an add-on running untrusted code in a sandbox. (CVE-2012-4205) Peter Van der Beken discovered XrayWrapper implementation in Firefox does not consider the compartment during property filtering. If JavaScript were enabled, an attacker could use this to bypass intended chrome-only restrictions on reading DOM object properties via a crafted website. (CVE-2012-4208) Bobby Holley discovered that cross-origin wrappers were allowing write actions on objects when only read actions should have been properly allowed. This can lead to cross-site scripting (XSS) attacks. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page and had JavaScript enabled, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-5841) Masato Kinugawa discovered that when HZ-GB-2312 charset encoding is used for text, the '~' character will destroy another character near the chunk delimiter. This can lead to a cross-site scripting (XSS) attack in pages encoded in HZ-GB-2312. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page and had JavaScript enabled, a remote attacker could exploit these to modify the contents, or steal confidential data, within the same domain. (CVE-2012-4207) Mariusz Mlynski discovered that the location property can be accessed by binary plugins through top.location with a frame whose name attribute's value is set to 'top'. This can allow for possible cross-site scripting (XSS) attacks through plugins. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page and had JavaScript enabled, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-4209) Abhishek Arya discovered multiple use-after-free and buffer overflow issues in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5839, CVE-2012-5840, CVE-2012-4212, CVE-2012-4213, CVE-2012-4217, CVE-2012-4218) Several memory corruption flaws were discovered in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. (CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 63023
    published 2012-11-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63023
    title Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : thunderbird vulnerabilities (USN-1636-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1638-2.NASL
    description USN-1638-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. (CVE-2012-5842, CVE-2012-5843) Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Firefox. (CVE-2012-4202) It was discovered that the evalInSandbox function's JavaScript sandbox context could be circumvented. An attacker could exploit this to perform a cross-site scripting (XSS) attack or steal a copy of a local file if the user has installed an add-on vulnerable to this attack. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-4201) Jonathan Stephens discovered that combining vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text could cause Firefox to crash. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service via application crash or execute arbitrary code with the privliges of the user invoking the program. (CVE-2012-5836) It was discovered that if a javascript: URL is selected from the list of Firefox 'new tab' page, the script will inherit the privileges of the privileged 'new tab' page. This allows for the execution of locally installed programs if a user can be convinced to save a bookmark of a malicious javascript: URL. (CVE-2012-4203) Scott Bell discovered a memory corruption issue in the JavaScript engine. If a user were tricked into opening a malicious website, an attacker could exploit this to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. (CVE-2012-4204) Gabor Krizsanits discovered that XMLHttpRequest objects created within sandboxes have the system principal instead of the sandbox principal. This can lead to cross-site request forgery (CSRF) or information theft via an add-on running untrusted code in a sandbox. (CVE-2012-4205) Peter Van der Beken discovered XrayWrapper implementation in Firefox does not consider the compartment during property filtering. An attacker could use this to bypass intended chrome-only restrictions on reading DOM object properties via a crafted website. (CVE-2012-4208) Bobby Holley discovered that cross-origin wrappers were allowing write actions on objects when only read actions should have been properly allowed. This can lead to cross-site scripting (XSS) attacks. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-5841) Masato Kinugawa discovered that when HZ-GB-2312 charset encoding is used for text, the '~' character will destroy another character near the chunk delimiter. This can lead to a cross-site scripting (XSS) attack in pages encoded in HZ-GB-2312. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit these to modify the contents, or steal confidential data, within the same domain. (CVE-2012-4207) Mariusz Mlynski discovered that the location property can be accessed by binary plugins through top.location with a frame whose name attribute's value is set to 'top'. This can allow for possible cross-site scripting (XSS) attacks through plugins. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-4209) Mariusz Mlynski discovered that when a maliciously crafted stylesheet is inspected in the Style Inspector, HTML and CSS can run in a chrome privileged context without being properly sanitized first. If a user were tricked into opening a malicious web page, an attacker could execute arbitrary code with the privliges of the user invoking the program. (CVE-2012-4210) Abhishek Arya discovered multiple use-after-free and buffer overflow issues in Firefox. If a user were tricked into opening a malicious page, an attacker could exploit these to execute arbitrary code as the user invoking the program. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5839, CVE-2012-5840, CVE-2012-4212, CVE-2012-4213, CVE-2012-4217, CVE-2012-4218) Several memory corruption flaws were discovered in Firefox. If a user were tricked into opening a malicious page, an attacker could exploit these to execute arbitrary code as the user invoking the program. (CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 63026
    published 2012-11-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63026
    title Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : ubufox update (USN-1638-2)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_THUNDERBIRD_17_0.NASL
    description The installed version of Thunderbird 16.x is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-5842, CVE-2012-5843) - An error exists in the method 'image::RasterImage::DrawFrameTo' related to GIF images that could allow a heap-based buffer overflow, leading to arbitrary code execution. (CVE-2012-4202) - An error exists related to SVG text and CSS properties that could lead to application crashes. (CVE-2012-5836) - The JavaScript function 'str_unescape' could allow arbitrary code execution. (CVE-2012-4204) - 'XMLHttpRequest' objects inherit incorrect principals when created in sandboxes that could allow cross-site request forgery attacks (CSRF). (CVE-2012-4205) - 'XrayWrappers' can expose DOM properties that are not meant to be accessible outside of the chrome compartment. (CVE-2012-4208) - Errors exist related to 'evalInSandbox', 'HZ-GB-2312' charset, frames and the 'location' object, and 'cross-origin wrappers' that could allow cross-site scripting (XSS) attacks. (CVE-2012-4201, CVE-2012-4207, CVE-2012-4209 CVE-2012-5841) - Various use-after-free, out-of-bounds read and buffer overflow errors exist that could potentially lead to arbitrary code execution. (CVE-2012-4212, CVE-2012-4213, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-4217, CVE-2012-4218, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838, CVE-2012-5839, CVE-2012-5840)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 62996
    published 2012-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62996
    title Thunderbird 16.x Multiple Vulnerabilities (Mac OS X)
  • NASL family Windows
    NASL id MOZILLA_THUNDERBIRD_170.NASL
    description The installed version of Thunderbird is earlier than 17.0 and thus, is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-5842, CVE-2012-5843) - An error exists in the method 'image::RasterImage::DrawFrameTo' related to GIF images that could allow a heap-based buffer overflow, leading to arbitrary code execution. (CVE-2012-4202) - An error exists related to SVG text and CSS properties that could lead to application crashes. (CVE-2012-5836) - The JavaScript function 'str_unescape' could allow arbitrary code execution. (CVE-2012-4204) - 'XMLHttpRequest' objects inherit incorrect principals when created in sandboxes that could allow cross-site request forgery attacks (CSRF). (CVE-2012-4205) - 'XrayWrappers' can expose DOM properties that are not meant to be accessible outside of the chrome compartment. (CVE-2012-4208) - Errors exist related to 'evalInSandbox', 'HZ-GB-2312' charset, frames and the 'location' object, and 'cross-origin wrappers' that could allow cross-site scripting (XSS) attacks. (CVE-2012-4201, CVE-2012-4207, CVE-2012-4209 CVE-2012-5841) - Various use-after-free, out-of-bounds read and buffer overflow errors exist that could potentially lead to arbitrary code execution. (CVE-2012-4212, CVE-2012-4213, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-4217, CVE-2012-4218, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838, CVE-2012-5839, CVE-2012-5840)
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 63000
    published 2012-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63000
    title Mozilla Thunderbird < 17.0 Multiple Vulnerabilities
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-1483.NASL
    description From Red Hat Security Advisory 2012:1483 : An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Thunderbird handled GIF (Graphics Interchange Format) images. Content containing a malicious GIF image could cause Thunderbird to crash or, possibly, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4202) A flaw was found in the way Thunderbird decoded the HZ-GB-2312 character encoding. Malicious content could cause Thunderbird to run JavaScript code with the permissions of different content. (CVE-2012-4207) A flaw was found in the location object implementation in Thunderbird. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Thunderbird. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Abhishek Arya, miaubiz, Jesse Ruderman, Andrew McCreight, Bob Clary, Kyle Huey, Atte Kettunen, Masato Kinugawa, Mariusz Mlynski, Bobby Holley, and moz_bug_r_a4 as the original reporters of these issues. Note: All issues except CVE-2012-4202 cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 10.0.11 ESR, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68660
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68660
    title Oracle Linux 6 : thunderbird (ELSA-2012-1483)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20121120_THUNDERBIRD_ON_SL5_X.NASL
    description Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Thunderbird handled GIF (Graphics Interchange Format) images. Content containing a malicious GIF image could cause Thunderbird to crash or, possibly, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4202) A flaw was found in the way Thunderbird decoded the HZ-GB-2312 character encoding. Malicious content could cause Thunderbird to run JavaScript code with the permissions of different content. (CVE-2012-4207) A flaw was found in the location object implementation in Thunderbird. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Thunderbird. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) Note: All issues except CVE-2012-4202 cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 63020
    published 2012-11-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63020
    title Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2012-818.NASL
    description Changes in MozillaThunderbird : - update to Thunderbird 17.0 (bnc#790140) - MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards - MFSA 2012-92/CVE-2012-4202 (bmo#758200) Buffer overflow while rendering GIF images - MFSA 2012-93/CVE-2012-4201 (bmo#747607) evalInSanbox location context incorrectly applied - MFSA 2012-94/CVE-2012-5836 (bmo#792857) Crash when combining SVG text on path with CSS - MFSA 2012-96/CVE-2012-4204 (bmo#778603) Memory corruption in str_unescape - MFSA 2012-97/CVE-2012-4205 (bmo#779821) XMLHttpRequest inherits incorrect principal within sandbox - MFSA 2012-99/CVE-2012-4208 (bmo#798264) XrayWrappers exposes chrome-only properties when not in chrome compartment - MFSA 2012-100/CVE-2012-5841 (bmo#805807) Improper security filtering for cross-origin wrappers - MFSA 2012-101/CVE-2012-4207 (bmo#801681) Improper character decoding in HZ-GB-2312 charset - MFSA 2012-102/CVE-2012-5837 (bmo#800363) Script entered into Developer Toolbar runs with chrome privileges - MFSA 2012-103/CVE-2012-4209 (bmo#792405) Frames can shadow top.location - MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 Use-after-free and buffer overflow issues found using Address Sanitizer - MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2 012-5838 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer - rebased patches - disabled WebRTC since build is broken (bmo#776877) - update Enigmail to 1.4.6
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74825
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74825
    title openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2012:1585-1)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_FIREFOX_17_0.NASL
    description The installed version of Firefox is earlier than 17.0 and thus, is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-5842, CVE-2012-5843) - An error exists in the method 'image::RasterImage::DrawFrameTo' related to GIF images that could allow a heap-based buffer overflow, leading to arbitrary code execution. (CVE-2012-4202) - An error exists related to SVG text and CSS properties that could lead to application crashes. (CVE-2012-5836) - A bookmarked, malicious 'javascript:' URL could allow execution of local executables. (CVE-2012-4203) - The JavaScript function 'str_unescape' could allow arbitrary code execution. (CVE-2012-4204) - 'XMLHttpRequest' objects inherit incorrect principals when created in sandboxes that could allow cross-site request forgery attacks (CSRF). (CVE-2012-4205) - 'XrayWrappers' can expose DOM properties that are not meant to be accessible outside of the chrome compartment. (CVE-2012-4208) - Errors exist related to 'evalInSandbox', 'HZ-GB-2312' charset, frames and the 'location' object, the 'Style Inspector', 'Developer Toolbar' and 'cross-origin wrappers' that can allow cross-site scripting (XSS) attacks. (CVE-2012-4201, CVE-2012-4207, CVE-2012-4209, CVE-2012-4210, CVE-2012-5837, CVE-2012-5841) - Various use-after-free, out-of-bounds read and buffer overflow errors exist that could potentially lead to arbitrary code execution. (CVE-2012-4212, CVE-2012-4213, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-4217, CVE-2012-4218, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838, CVE-2012-5839, CVE-2012-5840)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 62994
    published 2012-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62994
    title Firefox < 17.0 Multiple Vulnerabilities (Mac OS X)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201301-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL’s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser’s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 63402
    published 2013-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63402
    title GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2012-819.NASL
    description Changes in xulrunner : - update to 17.0 (bnc#790140) - MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards - MFSA 2012-92/CVE-2012-4202 (bmo#758200) Buffer overflow while rendering GIF images - MFSA 2012-93/CVE-2012-4201 (bmo#747607) evalInSanbox location context incorrectly applied - MFSA 2012-94/CVE-2012-5836 (bmo#792857) Crash when combining SVG text on path with CSS - MFSA 2012-95/CVE-2012-4203 (bmo#765628) Javascript: URLs run in privileged context on New Tab page - MFSA 2012-96/CVE-2012-4204 (bmo#778603) Memory corruption in str_unescape - MFSA 2012-97/CVE-2012-4205 (bmo#779821) XMLHttpRequest inherits incorrect principal within sandbox - MFSA 2012-99/CVE-2012-4208 (bmo#798264) XrayWrappers exposes chrome-only properties when not in chrome compartment - MFSA 2012-100/CVE-2012-5841 (bmo#805807) Improper security filtering for cross-origin wrappers - MFSA 2012-101/CVE-2012-4207 (bmo#801681) Improper character decoding in HZ-GB-2312 charset - MFSA 2012-102/CVE-2012-5837 (bmo#800363) Script entered into Developer Toolbar runs with chrome privileges - MFSA 2012-103/CVE-2012-4209 (bmo#792405) Frames can shadow top.location - MFSA 2012-104/CVE-2012-4210 (bmo#796866) CSS and HTML injection through Style Inspector - MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 Use-after-free and buffer overflow issues found using Address Sanitizer - MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2 012-5838 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer - rebased patches - disabled WebRTC since build is broken (bmo#776877)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74826
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74826
    title openSUSE Security Update : xulrunner (openSUSE-SU-2012:1586-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-1482.NASL
    description Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Firefox handled GIF (Graphics Interchange Format) images. A web page containing a malicious GIF image could cause Firefox to crash or, possibly, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4202) A flaw was found in the way the Style Inspector tool in Firefox handled certain Cascading Style Sheets (CSS). Running the tool (Tools -> Web Developer -> Inspect) on malicious CSS could result in the execution of HTML and CSS content with chrome privileges. (CVE-2012-4210) A flaw was found in the way Firefox decoded the HZ-GB-2312 character encoding. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website. (CVE-2012-4207) A flaw was found in the location object implementation in Firefox. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Firefox. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 10.0.11 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Abhishek Arya, miaubiz, Jesse Ruderman, Andrew McCreight, Bob Clary, Kyle Huey, Atte Kettunen, Mariusz Mlynski, Masato Kinugawa, Bobby Holley, and moz_bug_r_a4 as the original reporters of these issues. All Firefox users should upgrade to these updated packages, which contain Firefox version 10.0.11 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 63005
    published 2012-11-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63005
    title CentOS 5 / 6 : firefox (CESA-2012:1482)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-1483.NASL
    description An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Thunderbird handled GIF (Graphics Interchange Format) images. Content containing a malicious GIF image could cause Thunderbird to crash or, possibly, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4202) A flaw was found in the way Thunderbird decoded the HZ-GB-2312 character encoding. Malicious content could cause Thunderbird to run JavaScript code with the permissions of different content. (CVE-2012-4207) A flaw was found in the location object implementation in Thunderbird. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Thunderbird. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Abhishek Arya, miaubiz, Jesse Ruderman, Andrew McCreight, Bob Clary, Kyle Huey, Atte Kettunen, Masato Kinugawa, Mariusz Mlynski, Bobby Holley, and moz_bug_r_a4 as the original reporters of these issues. Note: All issues except CVE-2012-4202 cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 10.0.11 ESR, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 63006
    published 2012-11-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63006
    title CentOS 5 / 6 : thunderbird (CESA-2012:1483)
  • NASL family Windows
    NASL id MOZILLA_THUNDERBIRD_10011.NASL
    description The installed version of Thunderbird 10.x is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-5843) - An error exists in the method 'image::RasterImage::DrawFrameTo' related to GIF images that could allow a heap-based buffer overflow, leading to arbitrary code execution. (CVE-2012-4202) - Errors exist related to 'evalInSandbox', 'HZ-GB-2312' charset, frames and the 'location' object, and 'cross-origin wrappers' that could allow cross-site scripting (XSS) attacks. (CVE-2012-4201, CVE-2012-4207, CVE-2012-4209, CVE-2012-5841) - Various use-after-free, out-of-bounds read and buffer overflow errors exist that could potentially lead to arbitrary code execution. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840) Please note the 10.x ESR branch will be unsupported as of 02/13/2013. Only the 17.x ESR branch will receive security updates after that date.
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 62999
    published 2012-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62999
    title Mozilla Thunderbird 10.x < 10.0.11 Multiple Vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1638-3.NASL
    description USN-1638-1 fixed vulnerabilities in Firefox. The new packages introduced regressions in cookies handling and the User Agent string. This update fixes the problem. Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. (CVE-2012-5842, CVE-2012-5843) Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Firefox. (CVE-2012-4202) It was discovered that the evalInSandbox function's JavaScript sandbox context could be circumvented. An attacker could exploit this to perform a cross-site scripting (XSS) attack or steal a copy of a local file if the user has installed an add-on vulnerable to this attack. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-4201) Jonathan Stephens discovered that combining vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text could cause Firefox to crash. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service via application crash or execute arbitrary code with the privliges of the user invoking the program. (CVE-2012-5836) It was discovered that if a javascript: URL is selected from the list of Firefox 'new tab' page, the script will inherit the privileges of the privileged 'new tab' page. This allows for the execution of locally installed programs if a user can be convinced to save a bookmark of a malicious javascript: URL. (CVE-2012-4203) Scott Bell discovered a memory corruption issue in the JavaScript engine. If a user were tricked into opening a malicious website, an attacker could exploit this to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. (CVE-2012-4204) Gabor Krizsanits discovered that XMLHttpRequest objects created within sandboxes have the system principal instead of the sandbox principal. This can lead to cross-site request forgery (CSRF) or information theft via an add-on running untrusted code in a sandbox. (CVE-2012-4205) Peter Van der Beken discovered XrayWrapper implementation in Firefox does not consider the compartment during property filtering. An attacker could use this to bypass intended chrome-only restrictions on reading DOM object properties via a crafted website. (CVE-2012-4208) Bobby Holley discovered that cross-origin wrappers were allowing write actions on objects when only read actions should have been properly allowed. This can lead to cross-site scripting (XSS) attacks. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-5841) Masato Kinugawa discovered that when HZ-GB-2312 charset encoding is used for text, the '~' character will destroy another character near the chunk delimiter. This can lead to a cross-site scripting (XSS) attack in pages encoded in HZ-GB-2312. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-4207) Masato Kinugawa discovered that scripts entered into the Developer Toolbar could run in a chrome privileged context. An attacker could use this vulnerability to conduct cross-site scripting (XSS) attacks or execute arbitrary code as the user invoking Firefox. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-5837) Mariusz Mlynski discovered that the location property can be accessed by binary plugins through top.location with a frame whose name attribute's value is set to 'top'. This can allow for possible cross-site scripting (XSS) attacks through plugins. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-4209) Mariusz Mlynski discovered that when a maliciously crafted stylesheet is inspected in the Style Inspector, HTML and CSS can run in a chrome privileged context without being properly sanitized first. If a user were tricked into opening a malicious web page, an attacker could execute arbitrary code with the privliges of the user invoking the program. (CVE-2012-4210) Abhishek Arya discovered multiple use-after-free and buffer overflow issues in Firefox. If a user were tricked into opening a malicious page, an attacker could exploit these to execute arbitrary code as the user invoking the program. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5839, CVE-2012-5840, CVE-2012-4212, CVE-2012-4213, CVE-2012-4217, CVE-2012-4218) Several memory corruption flaws were discovered in Firefox. If a user were tricked into opening a malicious page, an attacker could exploit these to execute arbitrary code as the user invoking the program. (CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 63145
    published 2012-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63145
    title Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : firefox regressions (USN-1638-3)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2012-820.NASL
    description Changes in seamonkey : - update to SeaMonkey 2.14 (bnc#790140) - MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards - MFSA 2012-92/CVE-2012-4202 (bmo#758200) Buffer overflow while rendering GIF images - MFSA 2012-93/CVE-2012-4201 (bmo#747607) evalInSanbox location context incorrectly applied - MFSA 2012-94/CVE-2012-5836 (bmo#792857) Crash when combining SVG text on path with CSS - MFSA 2012-96/CVE-2012-4204 (bmo#778603) Memory corruption in str_unescape - MFSA 2012-97/CVE-2012-4205 (bmo#779821) XMLHttpRequest inherits incorrect principal within sandbox - MFSA 2012-99/CVE-2012-4208 (bmo#798264) XrayWrappers exposes chrome-only properties when not in chrome compartment - MFSA 2012-100/CVE-2012-5841 (bmo#805807) Improper security filtering for cross-origin wrappers - MFSA 2012-101/CVE-2012-4207 (bmo#801681) Improper character decoding in HZ-GB-2312 charset - MFSA 2012-103/CVE-2012-4209 (bmo#792405) Frames can shadow top.location - MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 Use-after-free and buffer overflow issues found using Address Sanitizer - MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2 012-5838 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer - rebased patches - disabled WebRTC since build is broken (bmo#776877)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74827
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74827
    title openSUSE Security Update : seamonkey (openSUSE-SU-2012:1584-1)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_D23119DF335D11E2B64CC8600054B392.NASL
    description The Mozilla Project reports : MFSA 2012-91 Miscellaneous memory safety hazards (rv:17.0/ rv:10.0.11) MFSA 2012-92 Buffer overflow while rendering GIF images MFSA 2012-93 evalInSanbox location context incorrectly applied MFSA 2012-94 Crash when combining SVG text on path with CSS MFSA 2012-95 Javascript: URLs run in privileged context on New Tab page MFSA 2012-96 Memory corruption in str_unescape MFSA 2012-97 XMLHttpRequest inherits incorrect principal within sandbox MFSA 2012-98 Firefox installer DLL hijacking MFSA 2012-99 XrayWrappers exposes chrome-only properties when not in chrome compartment MFSA 2012-100 Improper security filtering for cross-origin wrappers MFSA 2012-101 Improper character decoding in HZ-GB-2312 charset MFSA 2012-102 Script entered into Developer Toolbar runs with chrome privileges MFSA 2012-103 Frames can shadow top.location MFSA 2012-104 CSS and HTML injection through Style Inspector MFSA 2012-105 Use-after-free and buffer overflow issues found MFSA 2012-106 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer
    last seen 2019-02-21
    modified 2018-11-23
    plugin id 62979
    published 2012-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62979
    title FreeBSD : mozilla -- multiple vulnerabilities (d23119df-335d-11e2-b64c-c8600054b392)
  • NASL family Windows
    NASL id SEAMONKEY_214.NASL
    description The installed version of SeaMonkey is earlier than 2.14 and thus, is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-5842, CVE-2012-5843) - An error exists in the method 'image::RasterImage::DrawFrameTo' related to GIF images that could allow a heap-based buffer overflow leading to arbitrary code execution. (CVE-2012-4202) - An error exists related to SVG text and CSS properties that could lead to application crashes. (CVE-2012-5836) - The JavaScript function 'str_unescape' could allow arbitrary code execution. (CVE-2012-4204) - 'XMLHttpRequest' objects inherit incorrect principals when created in sandboxes that could allow cross-site request forgery attacks (CSRF). (CVE-2012-4205) - 'XrayWrappers' can expose DOM properties that are not meant to be accessible outside of the chrome compartment. (CVE-2012-4208) - Errors exist related to 'evalInSandbox', 'HZ-GB-2312' charset, frames and the 'location' object, and 'cross-origin wrappers' that can allow cross-site scripting (XSS) attacks. (CVE-2012-4201, CVE-2012-4207, CVE-2012-4209, CVE-2012-5841) - Various use-after-free, out-of-bounds read and buffer overflow errors exist that could potentially lead to arbitrary code execution. (CVE-2012-4212, CVE-2012-4213, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-4217, CVE-2012-4218, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838, CVE-2012-5839, CVE-2012-5840)
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 63001
    published 2012-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63001
    title SeaMonkey < 2.14 Multiple Vulnerabilities
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20121120_FIREFOX_ON_SL5_X.NASL
    description Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Firefox handled GIF (Graphics Interchange Format) images. A web page containing a malicious GIF image could cause Firefox to crash or, possibly, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4202) A flaw was found in the way the Style Inspector tool in Firefox handled certain Cascading Style Sheets (CSS). Running the tool (Tools -> Web Developer -> Inspect) on malicious CSS could result in the execution of HTML and CSS content with chrome privileges. (CVE-2012-4210) A flaw was found in the way Firefox decoded the HZ-GB-2312 character encoding. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website. (CVE-2012-4207) A flaw was found in the location object implementation in Firefox. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Firefox. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) After installing the update, Firefox must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 63019
    published 2012-11-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63019
    title Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_THUNDERBIRD_10_0_11.NASL
    description The installed version of Thunderbird 10.x is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-5843) - An error exists in the method 'image::RasterImage::DrawFrameTo' related to GIF images that could allow a heap-based buffer overflow, leading to arbitrary code execution. (CVE-2012-4202) - Errors exist related to 'evalInSandbox', 'HZ-GB-2312' charset, frames and the 'location' object, and 'cross-origin wrappers' that could allow cross-site scripting (XSS) attacks. (CVE-2012-4201, CVE-2012-4207, CVE-2012-4209, CVE-2012-5841) - Various use-after-free, out-of-bounds read and buffer overflow errors exist that could potentially lead to arbitrary code execution. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840) Please note the 10.x ESR branch will be unsupported as of 02/13/2013. Only the 17.x ESR branch will receive security updates after that date.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 62995
    published 2012-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62995
    title Thunderbird 10.x < 10.0.11 Multiple Vulnerabilities (Mac OS X)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-1482.NASL
    description From Red Hat Security Advisory 2012:1482 : Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Firefox handled GIF (Graphics Interchange Format) images. A web page containing a malicious GIF image could cause Firefox to crash or, possibly, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4202) A flaw was found in the way the Style Inspector tool in Firefox handled certain Cascading Style Sheets (CSS). Running the tool (Tools -> Web Developer -> Inspect) on malicious CSS could result in the execution of HTML and CSS content with chrome privileges. (CVE-2012-4210) A flaw was found in the way Firefox decoded the HZ-GB-2312 character encoding. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website. (CVE-2012-4207) A flaw was found in the location object implementation in Firefox. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Firefox. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 10.0.11 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Abhishek Arya, miaubiz, Jesse Ruderman, Andrew McCreight, Bob Clary, Kyle Huey, Atte Kettunen, Mariusz Mlynski, Masato Kinugawa, Bobby Holley, and moz_bug_r_a4 as the original reporters of these issues. All Firefox users should upgrade to these updated packages, which contain Firefox version 10.0.11 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68659
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68659
    title Oracle Linux 5 / 6 : firefox (ELSA-2012-1482)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_FIREFOX-20121121-8381.NASL
    description Mozilla Firefox has been updated to the 10.0.11 ESR security release, which fixes various bugs and security issues. - Security researcher miaubiz used the Address Sanitizer tool to discover a series critically rated of use-after-free, buffer overflow, and memory corruption issues in shipped software. These issues are potentially exploitable, allowing for remote code execution. We would also like to thank miaubiz for reporting two additional use-after-free and memory corruption issues introduced during Firefox development that have been fixed before general release. (MFSA 2012-106) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References The following issues have been fixed in Firefox 17 and ESR 10.0.11 : o use-after-free when loading html file on osx (CVE-2012-5830) o Mesa crashes on certain texImage2D calls involving level>0 (CVE-2012-5833) o integer overflow, invalid write w/webgl bufferdata. (CVE-2012-5835) The following issues have been fixed in Firefox 17 : o crash in copyTexImage2D with image dimensions too large for given level. (CVE-2012-5838) - Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team discovered a series critically rated of use-after-free and buffer overflow issues using the Address Sanitizer tool in shipped software. These issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting five additional use-after-free, out of bounds read, and buffer overflow flaws introduced during Firefox development that have been fixed before general release. (MFSA 2012-105) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References The following issues have been fixed in Firefox 17 and ESR 10.0.11 : o Heap-use-after-free in nsTextEditorState::PrepareEditor (CVE-2012-4214) o Heap-use-after-free in nsPlaintextEditor::FireClipboardEvent (CVE-2012-4215) o Heap-use-after-free in gfxFont::GetFontEntry (CVE-2012-4216) o Heap-buffer-overflow in nsWindow::OnExposeEvent (CVE-2012-5829) o heap-buffer-overflow in gfxShapedWord::CompressedGlyph::IsClusterStart o CVE-2012-5839 o Heap-use-after-free in nsTextEditorState::PrepareEditor. (CVE-2012-5840) The following issues have been fixed in Firefox 17 : o Heap-use-after-free in XPCWrappedNative::Mark (CVE-2012-4212) o Heap-use-after-free in nsEditor::FindNextLeafNode (CVE-2012-4213) o Heap-use-after-free in nsViewManager::ProcessPendingUpdates (CVE-2012-4217) o Heap-use-after-free BuildTextRunsScanner::BreakSink::SetBreaks. (CVE-2012-4218) - Security researcher Mariusz Mlynski reported that when a maliciously crafted stylesheet is inspected in the Style Inspector, HTML and CSS can run in a chrome privileged context without being properly sanitized first. This can lead to arbitrary code execution. (MFSA 2012-104 / CVE-2012-4210) - Security researcher Mariusz Mlynski reported that the location property can be accessed by binary plugins through top.location with a frame whose name attribute's value is set to 'top'. This can allow for possible cross-site scripting (XSS) attacks through plugins. (MFSA 2012-103 / CVE-2012-4209) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. - Security researcher Masato Kinugawa reported that when script is entered into the Developer Toolbar, it runs in a chrome privileged context. This allows for arbitrary code execution or cross-site scripting (XSS) if a user can be convinced to paste malicious code into the Developer Toolbar. (MFSA 2012-102 / CVE-2012-5837) - Security researcher Masato Kinugawa found when HZ-GB-2312 charset encoding is used for text, the '~' character will destroy another character near the chunk delimiter. This can lead to a cross-site scripting (XSS) attack in pages encoded in HZ-GB-2312. (MFSA 2012-101 / CVE-2012-4207) - Mozilla developer Bobby Holley reported that security wrappers filter at the time of property access, but once a function is returned, the caller can use this function without further security checks. This affects cross-origin wrappers, allowing for write actions on objects when only read actions should be properly allowed. This can lead to cross-site scripting (XSS) attacks. (MFSA 2012-100 / CVE-2012-5841) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. - Mozilla developer Peter Van der Beken discovered that same-origin XrayWrappers expose chrome-only properties even when not in a chrome compartment. This can allow web content to get properties of DOM objects that are intended to be chrome-only. (MFSA 2012-99 / CVE-2012-4208) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. - Security researcher Robert Kugler reported that when a specifically named DLL file on a Windows computer is placed in the default downloads directory with the Firefox installer, the Firefox installer will load this DLL when it is launched. In circumstances where the installer is run by an administrator privileged account, this allows for the downloaded DLL file to be run with administrator privileges. This can lead to arbitrary code execution from a privileged account. (MFSA 2012-98 / CVE-2012-4206) - Mozilla developer Gabor Krizsanits discovered that XMLHttpRequest objects created within sandboxes have the system principal instead of the sandbox principal. This can lead to cross-site request forgery (CSRF) or information theft via an add-on running untrusted code in a sandbox. (MFSA 2012-97 / CVE-2012-4205) - Security researcher Scott Bell of Security-Assessment.com used the Address Sanitizer tool to discover a memory corruption in str_unescape in the JavaScript engine. This could potentially lead to arbitrary code execution. (MFSA 2012-96 / CVE-2012-4204) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. - Security researcher kakzz.ng@gmail.com reported that if a javascript: URL is selected from the list of Firefox 'new tab' page, the script will inherit the privileges of the privileged 'new tab' page. This allows for the execution of locally installed programs if a user can be convinced to save a bookmark of a malicious javascript: URL. (MFSA 2012-95 / CVE-2012-4203) - Security researcher Jonathan Stephens discovered that combining SVG text on a path with the setting of CSS properties could lead to a potentially exploitable crash. (MFSA 2012-94 / CVE-2012-5836) - Mozilla security researcher moz_bug_r_a4 reported that if code executed by the evalInSandbox function sets location.href, it can get the wrong subject principal for the URL check, ignoring the sandbox's JavaScript context and gaining the context of evalInSandbox object. This can lead to malicious web content being able to perform a cross-site scripting (XSS) attack or stealing a copy of a local file if the user has installed an add-on vulnerable to this attack. (MFSA 2012-93 / CVE-2012-4201) - Security researcher Atte Kettunen from OUSPG used the Address Sanitizer tool to discover a buffer overflow while rendering GIF format images. This issue is potentially exploitable and could lead to arbitrary code execution. (MFSA 2012-92 / CVE-2012-4202) - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2012-91) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, and Bill McCloskey reported memory safety problems and crashes that affect Firefox 16. (CVE-2012-5843) Jesse Ruderman, Andrew McCreight, Bob Clary, and Kyle Huey reported memory safety problems and crashes that affect Firefox ESR 10 and Firefox 16. (CVE-2012-5842)
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 63091
    published 2012-11-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63091
    title SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8381)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_FIREFOX-20121121-121123.NASL
    description Mozilla Firefox has been updated to the 10.0.11 ESR security release, which fixes various bugs and security issues. - Security researcher miaubiz used the Address Sanitizer tool to discover a series critically rated of use-after-free, buffer overflow, and memory corruption issues in shipped software. These issues are potentially exploitable, allowing for remote code execution. We would also like to thank miaubiz for reporting two additional use-after-free and memory corruption issues introduced during Firefox development that have been fixed before general release. (MFSA 2012-106) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References The following issues have been fixed in Firefox 17 and ESR 10.0.11 : - use-after-free when loading html file on osx. (CVE-2012-5830) - Mesa crashes on certain texImage2D calls involving level>0. (CVE-2012-5833) - integer overflow, invalid write w/webgl bufferdata (CVE-2012-5835) The following issues have been fixed in Firefox 17 : - crash in copyTexImage2D with image dimensions too large for given level. (CVE-2012-5838) - Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team discovered a series critically rated of use-after-free and buffer overflow issues using the Address Sanitizer tool in shipped software. These issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting five additional use-after-free, out of bounds read, and buffer overflow flaws introduced during Firefox development that have been fixed before general release. (MFSA 2012-105) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References The following issues have been fixed in Firefox 17 and ESR 10.0.11 : - Heap-use-after-free in nsTextEditorState::PrepareEditor. (CVE-2012-4214) - Heap-use-after-free in nsPlaintextEditor::FireClipboardEvent. (CVE-2012-4215) - Heap-use-after-free in gfxFont::GetFontEntry. (CVE-2012-4216) - Heap-buffer-overflow in nsWindow::OnExposeEvent. (CVE-2012-5829) - heap-buffer-overflow in gfxShapedWord::CompressedGlyph::IsClusterStart - CVE-2012-5839 - Heap-use-after-free in nsTextEditorState::PrepareEditor (CVE-2012-5840) The following issues have been fixed in Firefox 17 : - Heap-use-after-free in XPCWrappedNative::Mark. (CVE-2012-4212) - Heap-use-after-free in nsEditor::FindNextLeafNode. (CVE-2012-4213) - Heap-use-after-free in nsViewManager::ProcessPendingUpdates. (CVE-2012-4217) - Heap-use-after-free BuildTextRunsScanner::BreakSink::SetBreaks. (CVE-2012-4218) - Security researcher Mariusz Mlynski reported that when a maliciously crafted stylesheet is inspected in the Style Inspector, HTML and CSS can run in a chrome privileged context without being properly sanitized first. This can lead to arbitrary code execution. (MFSA 2012-104 / CVE-2012-4210) - Security researcher Mariusz Mlynski reported that the location property can be accessed by binary plugins through top.location with a frame whose name attribute's value is set to 'top'. This can allow for possible cross-site scripting (XSS) attacks through plugins. (MFSA 2012-103 / CVE-2012-4209) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. - Security researcher Masato Kinugawa reported that when script is entered into the Developer Toolbar, it runs in a chrome privileged context. This allows for arbitrary code execution or cross-site scripting (XSS) if a user can be convinced to paste malicious code into the Developer Toolbar. (MFSA 2012-102 / CVE-2012-5837) - Security researcher Masato Kinugawa found when HZ-GB-2312 charset encoding is used for text, the '~' character will destroy another character near the chunk delimiter. This can lead to a cross-site scripting (XSS) attack in pages encoded in HZ-GB-2312. (MFSA 2012-101 / CVE-2012-4207) - Mozilla developer Bobby Holley reported that security wrappers filter at the time of property access, but once a function is returned, the caller can use this function without further security checks. This affects cross-origin wrappers, allowing for write actions on objects when only read actions should be properly allowed. This can lead to cross-site scripting (XSS) attacks. (MFSA 2012-100 / CVE-2012-5841) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. - Mozilla developer Peter Van der Beken discovered that same-origin XrayWrappers expose chrome-only properties even when not in a chrome compartment. This can allow web content to get properties of DOM objects that are intended to be chrome-only. (MFSA 2012-99 / CVE-2012-4208) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. - Security researcher Robert Kugler reported that when a specifically named DLL file on a Windows computer is placed in the default downloads directory with the Firefox installer, the Firefox installer will load this DLL when it is launched. In circumstances where the installer is run by an administrator privileged account, this allows for the downloaded DLL file to be run with administrator privileges. This can lead to arbitrary code execution from a privileged account. (MFSA 2012-98 / CVE-2012-4206) - Mozilla developer Gabor Krizsanits discovered that XMLHttpRequest objects created within sandboxes have the system principal instead of the sandbox principal. This can lead to cross-site request forgery (CSRF) or information theft via an add-on running untrusted code in a sandbox. (MFSA 2012-97 / CVE-2012-4205) - Security researcher Scott Bell of Security-Assessment.com used the Address Sanitizer tool to discover a memory corruption in str_unescape in the JavaScript engine. This could potentially lead to arbitrary code execution. (MFSA 2012-96 / CVE-2012-4204) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. - Security researcher kakzz.ng@gmail.com reported that if a javascript: URL is selected from the list of Firefox 'new tab' page, the script will inherit the privileges of the privileged 'new tab' page. This allows for the execution of locally installed programs if a user can be convinced to save a bookmark of a malicious javascript: URL. (MFSA 2012-95 / CVE-2012-4203) - Security researcher Jonathan Stephens discovered that combining SVG text on a path with the setting of CSS properties could lead to a potentially exploitable crash. (MFSA 2012-94 / CVE-2012-5836) - Mozilla security researcher moz_bug_r_a4 reported that if code executed by the evalInSandbox function sets location.href, it can get the wrong subject principal for the URL check, ignoring the sandbox's JavaScript context and gaining the context of evalInSandbox object. This can lead to malicious web content being able to perform a cross-site scripting (XSS) attack or stealing a copy of a local file if the user has installed an add-on vulnerable to this attack. (MFSA 2012-93 / CVE-2012-4201) - Security researcher Atte Kettunen from OUSPG used the Address Sanitizer tool to discover a buffer overflow while rendering GIF format images. This issue is potentially exploitable and could lead to arbitrary code execution. (MFSA 2012-92 / CVE-2012-4202) - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2012-91) In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, and Bill McCloskey reported memory safety problems and crashes that affect Firefox 16. (CVE-2012-5843) Jesse Ruderman, Andrew McCreight, Bob Clary, and Kyle Huey reported memory safety problems and crashes that affect Firefox ESR 10 and Firefox 16. (CVE-2012-5842)
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 64135
    published 2013-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64135
    title SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7093)
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_170.NASL
    description The installed version of Firefox is earlier than 17.0 and thus, is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-5842, CVE-2012-5843) - An error exists in the method 'image::RasterImage::DrawFrameTo' related to GIF images that could allow a heap-based buffer overflow, leading to arbitrary code execution. (CVE-2012-4202) - An error exists related to SVG text and CSS properties that could lead to application crashes. (CVE-2012-5836) - A bookmarked, malicious 'javascript:' URL could allow execution of local executables. (CVE-2012-4203) - The JavaScript function 'str_unescape' could allow arbitrary code execution. (CVE-2012-4204) - 'XMLHttpRequest' objects inherit incorrect principals when created in sandboxes that could allow cross-site request forgery attacks (CSRF). (CVE-2012-4205) - An error exists related to the application installer and DLL loading. (CVE-2012-4206) - 'XrayWrappers' can expose DOM properties that are not meant to be accessible outside of the chrome compartment. (CVE-2012-4208) - Errors exist related to 'evalInSandbox', 'HZ-GB-2312' charset, frames and the 'location' object, the 'Style Inspector', 'Developer Toolbar' and 'cross-origin wrappers' that could allow cross-site scripting (XSS) attacks. (CVE-2012-4201, CVE-2012-4207, CVE-2012-4209, CVE-2012-4210, CVE-2012-5837, CVE-2012-5841) - Various use-after-free, out-of-bounds read and buffer overflow errors exist that could potentially lead to arbitrary code execution. (CVE-2012-4212, CVE-2012-4213, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-4217, CVE-2012-4218, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838, CVE-2012-5839, CVE-2012-5840)
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 62998
    published 2012-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62998
    title Firefox < 17.0 Multiple Vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_FIREFOX_10_0_11.NASL
    description The installed version of Firefox is earlier than 10.0.11 and thus, is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-5843) - An error exists in the method 'image::RasterImage::DrawFrameTo' related to GIF images that could allow a heap-based buffer overflow leading to arbitrary code execution. (CVE-2012-4202) - Errors exist related to 'evalInSandbox', 'HZ-GB-2312' charset, frames and the 'location' object, the 'Style Inspector', and 'cross-origin wrappers' that could allow cross-site scripting (XSS) attacks. (CVE-2012-4201, CVE-2012-4207, CVE-2012-4209, CVE-2012-4210, CVE-2012-5841) - Various use-after-free, out-of-bounds read and buffer overflow errors exist that could potentially lead to arbitrary code execution. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840) Please note the 10.x ESR branch will be unsupported as of 02/13/2013. Only the 17.x ESR branch will receive security updates after that date.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 62993
    published 2012-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62993
    title Firefox < 10.0.11 Multiple Vulnerabilities (Mac OS X)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1483.NASL
    description An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Thunderbird handled GIF (Graphics Interchange Format) images. Content containing a malicious GIF image could cause Thunderbird to crash or, possibly, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4202) A flaw was found in the way Thunderbird decoded the HZ-GB-2312 character encoding. Malicious content could cause Thunderbird to run JavaScript code with the permissions of different content. (CVE-2012-4207) A flaw was found in the location object implementation in Thunderbird. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Thunderbird. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Abhishek Arya, miaubiz, Jesse Ruderman, Andrew McCreight, Bob Clary, Kyle Huey, Atte Kettunen, Masato Kinugawa, Mariusz Mlynski, Bobby Holley, and moz_bug_r_a4 as the original reporters of these issues. Note: All issues except CVE-2012-4202 cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 10.0.11 ESR, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 62981
    published 2012-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62981
    title RHEL 5 / 6 : thunderbird (RHSA-2012:1483)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1482.NASL
    description Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Firefox handled GIF (Graphics Interchange Format) images. A web page containing a malicious GIF image could cause Firefox to crash or, possibly, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4202) A flaw was found in the way the Style Inspector tool in Firefox handled certain Cascading Style Sheets (CSS). Running the tool (Tools -> Web Developer -> Inspect) on malicious CSS could result in the execution of HTML and CSS content with chrome privileges. (CVE-2012-4210) A flaw was found in the way Firefox decoded the HZ-GB-2312 character encoding. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website. (CVE-2012-4207) A flaw was found in the location object implementation in Firefox. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Firefox. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 10.0.11 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Abhishek Arya, miaubiz, Jesse Ruderman, Andrew McCreight, Bob Clary, Kyle Huey, Atte Kettunen, Mariusz Mlynski, Masato Kinugawa, Bobby Holley, and moz_bug_r_a4 as the original reporters of these issues. All Firefox users should upgrade to these updated packages, which contain Firefox version 10.0.11 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 62980
    published 2012-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62980
    title RHEL 5 / 6 : firefox (RHSA-2012:1482)
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_10011.NASL
    description The installed version of Firefox 10.x is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-5843) - An error exists in the method 'image::RasterImage::DrawFrameTo' related to GIF images that could allow a heap-based buffer overflow, leading to arbitrary code execution. (CVE-2012-4202) - An error exists related to the application installer and DLL loading. (CVE-2012-4206) - Errors exist related to 'evalInSandbox', 'HZ-GB-2312' charset, frames and the 'location' object, the 'Style Inspector', and 'cross-origin wrappers' that could allow cross-site scripting (XSS) attacks. (CVE-2012-4201, CVE-2012-4207, CVE-2012-4209, CVE-2012-4210, CVE-2012-5841) - Various use-after-free, out-of-bounds read and buffer overflow errors exist that could potentially lead to arbitrary code execution. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840) Please note the 10.x ESR branch will be unsupported as of 02/13/2013. Only the 17.x ESR branch will receive security updates after that date.
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 62997
    published 2012-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62997
    title Firefox 10.x < 10.0.11 Multiple Vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1638-1.NASL
    description Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. (CVE-2012-5842, CVE-2012-5843) Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Firefox. (CVE-2012-4202) It was discovered that the evalInSandbox function's JavaScript sandbox context could be circumvented. An attacker could exploit this to perform a cross-site scripting (XSS) attack or steal a copy of a local file if the user has installed an add-on vulnerable to this attack. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-4201) Jonathan Stephens discovered that combining vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text could cause Firefox to crash. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service via application crash or execute arbitrary code with the privliges of the user invoking the program. (CVE-2012-5836) It was discovered that if a javascript: URL is selected from the list of Firefox 'new tab' page, the script will inherit the privileges of the privileged 'new tab' page. This allows for the execution of locally installed programs if a user can be convinced to save a bookmark of a malicious javascript: URL. (CVE-2012-4203) Scott Bell discovered a memory corruption issue in the JavaScript engine. If a user were tricked into opening a malicious website, an attacker could exploit this to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. (CVE-2012-4204) Gabor Krizsanits discovered that XMLHttpRequest objects created within sandboxes have the system principal instead of the sandbox principal. This can lead to cross-site request forgery (CSRF) or information theft via an add-on running untrusted code in a sandbox. (CVE-2012-4205) Peter Van der Beken discovered XrayWrapper implementation in Firefox does not consider the compartment during property filtering. An attacker could use this to bypass intended chrome-only restrictions on reading DOM object properties via a crafted website. (CVE-2012-4208) Bobby Holley discovered that cross-origin wrappers were allowing write actions on objects when only read actions should have been properly allowed. This can lead to cross-site scripting (XSS) attacks. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-5841) Masato Kinugawa discovered that when HZ-GB-2312 charset encoding is used for text, the '~' character will destroy another character near the chunk delimiter. This can lead to a cross-site scripting (XSS) attack in pages encoded in HZ-GB-2312. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-4207) Masato Kinugawa discovered that scripts entered into the Developer Toolbar could run in a chrome privileged context. An attacker could use this vulnerability to conduct cross-site scripting (XSS) attacks or execute arbitrary code as the user invoking Firefox. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-5837) Mariusz Mlynski discovered that the location property can be accessed by binary plugins through top.location with a frame whose name attribute's value is set to 'top'. This can allow for possible cross-site scripting (XSS) attacks through plugins. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2012-4209) Mariusz Mlynski discovered that when a maliciously crafted stylesheet is inspected in the Style Inspector, HTML and CSS can run in a chrome privileged context without being properly sanitized first. If a user were tricked into opening a malicious web page, an attacker could execute arbitrary code with the privliges of the user invoking the program. (CVE-2012-4210) Abhishek Arya discovered multiple use-after-free and buffer overflow issues in Firefox. If a user were tricked into opening a malicious page, an attacker could exploit these to execute arbitrary code as the user invoking the program. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5839, CVE-2012-5840, CVE-2012-4212, CVE-2012-4213, CVE-2012-4217, CVE-2012-4218) Several memory corruption flaws were discovered in Firefox. If a user were tricked into opening a malicious page, an attacker could exploit these to execute arbitrary code as the user invoking the program. (CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 63025
    published 2012-11-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63025
    title Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : firefox vulnerabilities (USN-1638-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2012-817.NASL
    description Changes in MozillaFirefox : - update to Firefox 17.0 (bnc#790140) - MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards - MFSA 2012-92/CVE-2012-4202 (bmo#758200) Buffer overflow while rendering GIF images - MFSA 2012-93/CVE-2012-4201 (bmo#747607) evalInSanbox location context incorrectly applied - MFSA 2012-94/CVE-2012-5836 (bmo#792857) Crash when combining SVG text on path with CSS - MFSA 2012-95/CVE-2012-4203 (bmo#765628) Javascript: URLs run in privileged context on New Tab page - MFSA 2012-96/CVE-2012-4204 (bmo#778603) Memory corruption in str_unescape - MFSA 2012-97/CVE-2012-4205 (bmo#779821) XMLHttpRequest inherits incorrect principal within sandbox - MFSA 2012-99/CVE-2012-4208 (bmo#798264) XrayWrappers exposes chrome-only properties when not in chrome compartment - MFSA 2012-100/CVE-2012-5841 (bmo#805807) Improper security filtering for cross-origin wrappers - MFSA 2012-101/CVE-2012-4207 (bmo#801681) Improper character decoding in HZ-GB-2312 charset - MFSA 2012-102/CVE-2012-5837 (bmo#800363) Script entered into Developer Toolbar runs with chrome privileges - MFSA 2012-103/CVE-2012-4209 (bmo#792405) Frames can shadow top.location - MFSA 2012-104/CVE-2012-4210 (bmo#796866) CSS and HTML injection through Style Inspector - MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 Use-after-free and buffer overflow issues found using Address Sanitizer - MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2 012-5838 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer - rebased patches - disabled WebRTC since build is broken (bmo#776877)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74824
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74824
    title openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:1583-1)
oval via4
accepted 2014-10-06T04:02:03.043-04:00
class vulnerability
contributors
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Shane Shaffer
    organization G2, Inc.
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Richard Helbing
    organization baramundi software
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
  • name Evgeniy Pavlov
    organization ALTX-SOFT
definition_extensions
  • comment Mozilla Thunderbird Mainline release is installed
    oval oval:org.mitre.oval:def:22093
  • comment Mozilla Seamonkey is installed
    oval oval:org.mitre.oval:def:6372
  • comment Mozilla Firefox Mainline release is installed
    oval oval:org.mitre.oval:def:22259
  • comment Mozilla Firefox ESR is installed
    oval oval:org.mitre.oval:def:22414
  • comment Mozilla Thunderbird ESR is installed
    oval oval:org.mitre.oval:def:22216
description Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.
family windows
id oval:org.mitre.oval:def:16739
status accepted
submitted 2013-05-13T10:26:26.748+04:00
title Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.
version 36
redhat via4
advisories
  • rhsa
    id RHSA-2012:1482
  • rhsa
    id RHSA-2012:1483
rpms
  • xulrunner-0:10.0.11-1.el5_8
  • xulrunner-devel-0:10.0.11-1.el5_8
  • firefox-0:10.0.11-1.el5_8
  • xulrunner-0:10.0.11-1.el6_3
  • xulrunner-devel-0:10.0.11-1.el6_3
  • firefox-0:10.0.11-1.el6_3
  • thunderbird-0:10.0.11-1.el5_8
  • thunderbird-0:10.0.11-1.el6_3
refmap via4
bid 56614
confirm
mandriva MDVSA-2012:173
secunia
  • 51359
  • 51360
  • 51369
  • 51370
  • 51381
  • 51434
  • 51439
  • 51440
suse
  • SUSE-SU-2012:1592
  • openSUSE-SU-2012:1583
  • openSUSE-SU-2012:1585
  • openSUSE-SU-2012:1586
  • openSUSE-SU-2013:0175
ubuntu
  • USN-1636-1
  • USN-1638-1
  • USN-1638-2
  • USN-1638-3
xf mozilla-firefox-gif-bo(80170)
Last major update 02-11-2013 - 23:26
Published 21-11-2012 - 07:55
Last modified 18-09-2017 - 21:35
Back to Top