Published: 21/11/2012 Updated: 13/08/2020

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Use-after-free vulnerability in Mozilla Firefox prior to 17.0, Firefox ESR 10.x prior to 10.0.11, Thunderbird prior to 17.0, Thunderbird ESR 10.x prior to 10.0.11, and SeaMonkey prior to 2.14 on Mac OS X allows remote malicious users to execute arbitrary code via an HTML document.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox
mozilla firefox_esr
mozilla seamonkey
mozilla thunderbird
mozilla thunderbird_esr
redhat enterprise linux desktop 5.0
redhat enterprise linux desktop 6.0
redhat enterprise linux eus 6.3
redhat enterprise linux server 5.0
redhat enterprise linux server 6.0
redhat enterprise linux server eus 6.3
redhat enterprise linux workstation 5.0
redhat enterprise linux workstation 6.0
suse suse linux enterprise software development kit 11.0
canonical ubuntu linux 10.04
canonical ubuntu linux 11.10
canonical ubuntu linux 12.04
canonical ubuntu linux 12.10
opensuse opensuse 11.4
opensuse opensuse 12.1
opensuse opensuse 12.2
suse suse linux enterprise desktop 10
suse suse linux enterprise desktop 11
suse suse linux enterprise server 10
suse suse linux enterprise server 11

Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic Updated firefox packages that fix several security issues are now availablefor Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having criticalsecurity impact Common Vulner ...

Synopsis Critical: thunderbird security update Type/Severity Security Advisory: Critical Topic An updated thunderbird package that fixes several security issues is nowavailable for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having criticalsecurity impact Co ...

This update provides compatible ubufox packages for the latest Firefox ...

Several security issues were fixed in Firefox ...

Regressions were introduced in the last Firefox update ...

Multiple security issues were fixed in Thunderbird ...

Mozilla Foundation Security Advisory 2012-106 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer Announced November 20, 2012 Reporter miaubiz Impact Critical Products Firefox, Firefox ...

CWE-416 https://bugzilla.mozilla.org/show_bug.cgi?id=775228 http://www.mozilla.org/security/announce/2012/mfsa2012-106.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html http://www.ubuntu.com/usn/USN-1638-1 http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html http://www.ubuntu.com/usn/USN-1638-2 http://www.ubuntu.com/usn/USN-1638-3 http://rhn.redhat.com/errata/RHSA-2012-1482.html http://rhn.redhat.com/errata/RHSA-2012-1483.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html http://www.ubuntu.com/usn/USN-1636-1 http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html http://osvdb.org/87598 http://secunia.com/advisories/51434 http://secunia.com/advisories/51381 http://secunia.com/advisories/51360 http://secunia.com/advisories/51369 http://secunia.com/advisories/51359 http://secunia.com/advisories/51440 http://secunia.com/advisories/51439 http://secunia.com/advisories/51370 https://exchange.xforce.ibmcloud.com/vulnerabilities/80183 https://access.redhat.com/errata/RHSA-2012:1482 https://nvd.nist.gov https://usn.ubuntu.com/1638-2/

CVE-2012-5830

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect