CVE-2012-4183
Summary
| CVE | CVE-2012-4183 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2012-10-10 17:55:00 UTC |
| Updated | 2020-08-11 13:47:00 UTC |
| Description | Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. |
Risk And Classification
Problem Types: CWE-416
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Canonical | Ubuntu Linux | 10.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 11.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 11.10 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 10.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 11.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 11.10 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
| Application | Mozilla | Firefox | All | All | All | All |
| Application | Mozilla | Firefox | All | All | All | All |
| Application | Mozilla | Firefox Esr | All | All | All | All |
| Application | Mozilla | Firefox Esr | All | All | All | All |
| Application | Mozilla | Seamonkey | All | All | All | All |
| Application | Mozilla | Seamonkey | All | All | All | All |
| Application | Mozilla | Thunderbird | All | All | All | All |
| Application | Mozilla | Thunderbird | All | All | All | All |
| Application | Mozilla | Thunderbird Esr | All | All | All | All |
| Application | Mozilla | Thunderbird Esr | All | All | All | All |
| Operating System | Opensuse | Opensuse | 11.4 | All | All | All |
| Operating System | Opensuse | Opensuse | 12.3 | All | All | All |
| Operating System | Opensuse | Opensuse | 13.1 | All | All | All |
| Operating System | Opensuse | Opensuse | 11.4 | All | All | All |
| Operating System | Opensuse | Opensuse | 12.3 | All | All | All |
| Operating System | Opensuse | Opensuse | 13.1 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 6.3 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 6.3 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 6.0 | All | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Sdk | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Sdk | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp3 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| USN-1611-1: Thunderbird vulnerabilities | Ubuntu | UBUNTU | www.ubuntu.com | Third Party Advisory |
| Security Advisory SA50936 - Mozilla Firefox / Thunderbird Multiple Vulnerabilities - Secunia | SECUNIA | secunia.com | Third Party Advisory |
| 786895 – (CVE-2012-4183) Heap-use-after-free in DOMSVGTests::GetRequiredFeatures | CONFIRM | bugzilla.mozilla.org | Issue Tracking, Vendor Advisory |
| About Secunia Research | Flexera | SECUNIA | secunia.com | Third Party Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| About Secunia Research | Flexera | SECUNIA | secunia.com | Third Party Advisory |
| Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4183 Use After Free Memory Corruption Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| About Secunia Research | Flexera | SECUNIA | secunia.com | Third Party Advisory |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | Third Party Advisory |
| About Secunia Research | Flexera | SECUNIA | secunia.com | Third Party Advisory |
| 86095 | OSVDB | osvdb.org | Broken Link |
| Security Advisory SA50935 - Mozilla SeaMonkey Multiple Vulnerabilities - Secunia | SECUNIA | secunia.com | Third Party Advisory |
| Support / Security / Advisories / / MDVSA-2012:163 | Mandriva | MANDRIVA | www.mandriva.com | Third Party Advisory |
| Security Advisory SA50892 - Ubuntu update for firefox - Secunia | SECUNIA | secunia.com | Third Party Advisory |
| MFSA 2012-85: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer | CONFIRM | www.mozilla.org | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | Third Party Advisory, VDB Entry |
| [security-announce] SUSE-SU-2012:1351-1: important: Security update for | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 690312 Free Berkeley Software Distribution (FreeBSD) Security Update for mozilla (6e5a9afd-12d3-11e2-b47d-c8600054b392)