Published: 05/06/2012 Updated: 05/01/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x up to and including 12.0, Firefox ESR 10.x prior to 10.0.5, Thunderbird 5.0 up to and including 12.0, Thunderbird ESR 10.x prior to 10.0.5, and SeaMonkey prior to 2.10 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 4.0
mozilla firefox 7.0.1
mozilla firefox 7.0
mozilla firefox 10.0.1
mozilla firefox 11.0
mozilla thunderbird 5.0
mozilla thunderbird 6.0
mozilla thunderbird 9.0
mozilla thunderbird 10.0.2
mozilla thunderbird esr 10.0
mozilla thunderbird esr 10.0.1
mozilla seamonkey 2.8
mozilla seamonkey 2.7.2
mozilla seamonkey 2.7
mozilla seamonkey 2.6
mozilla seamonkey 2.5
mozilla seamonkey 2.4
mozilla seamonkey 2.3
mozilla seamonkey 2.3.1
mozilla seamonkey 2.2
mozilla seamonkey 2.1
mozilla seamonkey 2.0.8
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.17
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.9
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.1.2
mozilla seamonkey 1.1.13
mozilla seamonkey 1.0.3
mozilla seamonkey 1.0.2
mozilla firefox 5.0
mozilla firefox 8.0
mozilla firefox 8.0.1
mozilla firefox 12.0
mozilla thunderbird 6.0.1
mozilla thunderbird 6.0.2
mozilla thunderbird 10.0.3
mozilla thunderbird 10.0.1
mozilla thunderbird esr 10.0.2
mozilla thunderbird esr 10.0.3
mozilla firefox 5.0.1
mozilla firefox 6.0
mozilla firefox 9.0.1
mozilla firefox 9.0
mozilla firefox esr 10.0
mozilla firefox esr 10.0.1
mozilla firefox esr 10.0.2
mozilla thunderbird 7.0.1
mozilla thunderbird 7.0
mozilla thunderbird 10.0
mozilla thunderbird 10.0.4
mozilla thunderbird esr 10.0.4
mozilla seamonkey
mozilla seamonkey 2.9
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0.6
mozilla seamonkey 2.0.14
mozilla seamonkey 2.0.3
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 1.0
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.7
mozilla seamonkey 1.0.6
mozilla seamonkey 1.1
mozilla firefox 4.0.1
mozilla firefox 6.0.2
mozilla firefox 6.0.1
mozilla firefox 10.0.2
mozilla firefox 10.0
mozilla firefox esr 10.0.3
mozilla firefox esr 10.0.4
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 12.0
mozilla seamonkey 2.7.1
mozilla seamonkey 2.3.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.4
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.18
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.11
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.3
mozilla seamonkey 1.0.5
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla seamonkey 2.4.1
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.7
mozilla seamonkey 2.0.11
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.7
mozilla seamonkey 1.1.16
mozilla seamonkey 1.1.12
mozilla seamonkey 1.0.9
mozilla seamonkey 1.0.8
mozilla seamonkey 1.0.1

Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic Updated firefox packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having criticalsecurity impact Common Vulne ...

Synopsis Critical: thunderbird security update Type/Severity Security Advisory: Critical Topic An updated thunderbird package that fixes multiple security issues is nowavailable for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having criticalsecurity impact C ...

Several vulnerabilities have been discovered in Icedove, the Debian version of the Mozilla Thunderbird mail/news client There were miscellaneous memory safety hazards (CVE-2012-1937, CVE-2012-1939) and a use-after-free issue (CVE-2012-1940) For the stable distribution (squeeze), these problems have been fixed in version 3011-1+squeeze11 We rec ...

Several security issues were fixed in Firefox ...

Several security issues were fixed in Thunderbird ...

USN-1463-1 introduced regressions in Firefox ...

Mozilla Foundation Security Advisory 2012-34 Miscellaneous memory safety hazards (rv:130/ rv:1005) Announced June 5, 2012 Impact Critical Products Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR Fixed in ...

NVD-CWE-noinfo http://www.mozilla.org/security/announce/2012/mfsa2012-34.html https://bugzilla.mozilla.org/show_bug.cgi?id=745254 https://bugzilla.mozilla.org/show_bug.cgi?id=745580 https://bugzilla.mozilla.org/show_bug.cgi?id=643967 https://bugzilla.mozilla.org/show_bug.cgi?id=745494 https://bugzilla.mozilla.org/show_bug.cgi?id=723465 http://www.debian.org/security/2012/dsa-2499 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17055 http://www.mandriva.com/security/advisories?name=MDVSA-2012:088 http://rhn.redhat.com/errata/RHSA-2012-0715.html http://rhn.redhat.com/errata/RHSA-2012-0710.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00012.html http://www.debian.org/security/2012/dsa-2489 http://www.debian.org/security/2012/dsa-2488 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2012:0710 https://usn.ubuntu.com/1463-1/https://www.debian.org/security/./dsa-2499

Get Started

CVE-2012-1937

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect