Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1947 Heap Buffer Overflow Vulnerability
BID:53791
Info
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1947 Heap Buffer Overflow Vulnerability
| Bugtraq ID: | 53791 |
| Class: | Design Error |
| CVE: |
CVE-2012-1947 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 05 2012 12:00AM |
| Updated: | Mar 19 2015 09:07AM |
| Credit: | Abhishek Arya |
| Vulnerable: |
Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 SuSE openSUSE 12.1 SuSE openSUSE 11.4 RedHat Enterprise Linux Optional Productivity Application 5 server RedHat Enterprise Linux Desktop Workstation 5 client Red Hat Enterprise Linux Workstation Optional 6 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server Optional 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node Optional 6 Red Hat Enterprise Linux Desktop Optional 6 Red Hat Enterprise Linux Desktop 6 Red Hat Enterprise Linux Desktop 5 client Red Hat Enterprise Linux 5 Server Mozilla Thunderbird ESR 10.0.4 Mozilla Thunderbird ESR 10.0.3 Mozilla Thunderbird ESR 10.0.2 Mozilla Thunderbird 3.1.20 Mozilla Thunderbird 3.1.14 Mozilla Thunderbird 3.1.13 Mozilla Thunderbird 3.1.12 Mozilla Thunderbird 3.1.7 Mozilla Thunderbird 3.1.5 Mozilla Thunderbird 3.1.4 Mozilla Thunderbird 3.0.11 Mozilla Thunderbird 3.0.9 Mozilla Thunderbird 3.0.9 Mozilla Thunderbird 3.0.8 Mozilla Thunderbird 3.0.5 Mozilla Thunderbird 3.0.4 Mozilla Thunderbird 3.0.2 Mozilla Thunderbird 3.0.1 Mozilla Thunderbird 9.0 Mozilla Thunderbird 8.0 Mozilla Thunderbird 7.0.1 Mozilla Thunderbird 7.0 Mozilla Thunderbird 6.0.2 Mozilla Thunderbird 6.0.1 Mozilla Thunderbird 6.0 Mozilla Thunderbird 6 Mozilla Thunderbird 6 Mozilla Thunderbird 5.0 Mozilla Thunderbird 5 Mozilla Thunderbird 3.3 Mozilla Thunderbird 3.3 Mozilla Thunderbird 3.1.9 Mozilla Thunderbird 3.1.8 Mozilla Thunderbird 3.1.7 Mozilla Thunderbird 3.1.6 Mozilla Thunderbird 3.1.3 Mozilla Thunderbird 3.1.2 Mozilla Thunderbird 3.1.19 Mozilla Thunderbird 3.1.18 Mozilla Thunderbird 3.1.18 Mozilla Thunderbird 3.1.17 Mozilla Thunderbird 3.1.16 Mozilla Thunderbird 3.1.15 Mozilla Thunderbird 3.1.11 Mozilla Thunderbird 3.1.10 Mozilla Thunderbird 3.1.1 Mozilla Thunderbird 3.1 Mozilla Thunderbird 3.0.7 Mozilla Thunderbird 3.0.6 Mozilla Thunderbird 3.0.4 Mozilla Thunderbird 3.0.3 Mozilla Thunderbird 3.0.11 Mozilla Thunderbird 3.0.10 Mozilla Thunderbird 3.0 Mozilla Thunderbird 12.0 Mozilla Thunderbird 11.0 Mozilla Thunderbird 10.0.2 Mozilla Thunderbird 10.0.1 Mozilla Thunderbird 10.0 Mozilla Thunderbird 10.0 Mozilla SeaMonkey 2.0.11 Mozilla SeaMonkey 2.0.9 Mozilla SeaMonkey 2.0.8 Mozilla SeaMonkey 2.0.5 Mozilla SeaMonkey 2.0.4 Mozilla SeaMonkey 2.0.3 Mozilla SeaMonkey 2.0.2 Mozilla SeaMonkey 2.0.1 Mozilla SeaMonkey 2.9 Mozilla SeaMonkey 2.8 Mozilla SeaMonkey 2.7.2 Mozilla SeaMonkey 2.7.1 Mozilla SeaMonkey 2.7 Mozilla SeaMonkey 2.6 Mozilla SeaMonkey 2.5 Mozilla SeaMonkey 2.4 Mozilla SeaMonkey 2.3 Mozilla SeaMonkey 2.2 Mozilla SeaMonkey 2.1b2 Mozilla SeaMonkey 2.1 Alpha3 Mozilla SeaMonkey 2.1 Alpha2 Mozilla SeaMonkey 2.1 Alpha1 Mozilla SeaMonkey 2.1 Mozilla SeaMonkey 2.0.9 Mozilla SeaMonkey 2.0.7 Mozilla SeaMonkey 2.0.6 Mozilla SeaMonkey 2.0.5 Mozilla SeaMonkey 2.0.4 Mozilla SeaMonkey 2.0.14 Mozilla SeaMonkey 2.0.13 Mozilla SeaMonkey 2.0.12 Mozilla SeaMonkey 2.0.10 Mozilla SeaMonkey 2.0 Rc2 Mozilla SeaMonkey 2.0 Rc1 Mozilla SeaMonkey 2.0 Beta 2 Mozilla SeaMonkey 2.0 Beta 1 Mozilla SeaMonkey 2.0 Alpha 3 Mozilla SeaMonkey 2.0 Alpha 2 Mozilla SeaMonkey 2.0 Alpha 1 Mozilla SeaMonkey 2.0 Mozilla Firefox ESR 10.0.4 Mozilla Firefox ESR 10.0.3 Mozilla Firefox ESR 10.0.2 Mozilla Firefox 9.0.1 Mozilla Firefox 3.6.28 Mozilla Firefox 3.6.22 Mozilla Firefox 3.6.13 Mozilla Firefox 3.6.10 Mozilla Firefox 3.6.9 Mozilla Firefox 3.6.8 Mozilla Firefox 3.6.6 Mozilla Firefox 3.6.4 Mozilla Firefox 3.6.3 Mozilla Firefox 3.6.2 Mozilla Firefox 3.5.17 Mozilla Firefox 3.5.16 Mozilla Firefox 3.5.14 Mozilla Firefox 3.5.13 Mozilla Firefox 3.5.10 Mozilla Firefox 3.5.9 Mozilla Firefox 3.5.8 Mozilla Firefox 3.5.7 Mozilla Firefox 3.5.6 Mozilla Firefox 3.5.5 Mozilla Firefox 3.5.4 Mozilla Firefox 3.5.3 Mozilla Firefox 3.5.2 Mozilla Firefox 3.5.1 Mozilla Firefox 3.5 Mozilla Firefox 3.0.18 Mozilla Firefox 3.0.17 Mozilla Firefox 3.0.16 Mozilla Firefox 3.0.15 Mozilla Firefox 3.0.14 Mozilla Firefox 3.0.13 Mozilla Firefox 3.0.12 Mozilla Firefox 3.0.11 Mozilla Firefox 3.0.10 Mozilla Firefox 3.0.9 Mozilla Firefox 3.0.8 Mozilla Firefox 3.0.7 Beta Mozilla Firefox 3.0.7 Mozilla Firefox 3.0.6 Mozilla Firefox 3.0.5 Mozilla Firefox 3.0.4 Mozilla Firefox 3.0.3 Mozilla Firefox 3.0.2 Mozilla Firefox 3.0.1 Mozilla Firefox 9.0 Mozilla Firefox 8.0.1 Mozilla Firefox 8.0 Mozilla Firefox 7.0.1 Mozilla Firefox 7.0 Mozilla Firefox 7 Mozilla Firefox 6.0.2 Mozilla Firefox 6.0.1 Mozilla Firefox 6.0 Mozilla Firefox 6 Mozilla Firefox 5.0.1 Mozilla Firefox 5.0 Mozilla Firefox 4.0.1 Mozilla Firefox 4.0 Beta9 Mozilla Firefox 4.0 Beta8 Mozilla Firefox 4.0 Beta7 Mozilla Firefox 4.0 Beta6 Mozilla Firefox 4.0 Beta5 Mozilla Firefox 4.0 Beta4 Mozilla Firefox 4.0 Beta3 Mozilla Firefox 4.0 Beta12 Mozilla Firefox 4.0 Beta11 Mozilla Firefox 4.0 Beta10 Mozilla Firefox 4.0 Beta1 Mozilla Firefox 4.0 Mozilla Firefox 3.6.7 Mozilla Firefox 3.6.6 Mozilla Firefox 3.6.27 Mozilla Firefox 3.6.26 Mozilla Firefox 3.6.25 Mozilla Firefox 3.6.24 Mozilla Firefox 3.6.23 Mozilla Firefox 3.6.21 Mozilla Firefox 3.6.20 Mozilla Firefox 3.6.19 Mozilla Firefox 3.6.18 Mozilla Firefox 3.6.17 Mozilla Firefox 3.6.16 Mozilla Firefox 3.6.15 Mozilla Firefox 3.6.14 Mozilla Firefox 3.6.12 Mozilla Firefox 3.6.11 Mozilla Firefox 3.6 Beta 3 Mozilla Firefox 3.6 Beta 2 Mozilla Firefox 3.6 Mozilla Firefox 3.5.19 Mozilla Firefox 3.5.18 Mozilla Firefox 3.5.17 Mozilla Firefox 3.5.15 Mozilla Firefox 3.5.12 Mozilla Firefox 3.5.11 Mozilla Firefox 3.1 Beta 3 Mozilla Firefox 3.1 Beta 2 Mozilla Firefox 3.1 Beta 1 Mozilla Firefox 3.0.19 Mozilla Firefox 3.0 Beta 5 Mozilla Firefox 3.0 Mozilla Firefox 12.0 Mozilla Firefox 11.0 Mozilla Firefox 10.0.2 Mozilla Firefox 10.0.1 Mozilla Firefox 10.0 Mozilla Firefox 10 Moonchild Productions Pale Moon 12.0 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Mandriva Linux Mandrake 2010.1 x86_64 Mandriva Linux Mandrake 2010.1 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 Gentoo Linux Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 Avaya IQ 5.2 Avaya IQ 5.1.1 Avaya IQ 5.1 Avaya IQ 5 Avaya Communication Server 1000M Signaling Server 7.5 Avaya Communication Server 1000M Signaling Server 7.0 Avaya Communication Server 1000M 7.5 Avaya Communication Server 1000M 7.0 Avaya Communication Server 1000E Signaling Server 7.5 Avaya Communication Server 1000E Signaling Server 7.0 Avaya Communication Server 1000E 7.5 Avaya Communication Server 1000E 7.0 Avaya Aura System Manager 6.2 Avaya Aura System Manager 6.1 Avaya Aura System Manager 6.0 Avaya Aura System Manager 5.2 Avaya Aura Session Manager 6.2 Avaya Aura Session Manager 6.1 Avaya Aura Session Manager 6.0 Avaya Aura Session Manager 5.2 Avaya Aura Session Manager 1.1 Avaya Aura Session Manager 1.0 Avaya Aura Presence Services 6.1.1 Avaya Aura Presence Services 6.1 Avaya Aura Presence Services 6.0 |
| Not Vulnerable: |
Mozilla Thunderbird ESR 10.0.5 Mozilla Thunderbird 13.0 Mozilla SeaMonkey 2.10 Mozilla Firefox ESR 10.0.5 Mozilla Firefox 13.0 |
Discussion
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1947 Heap Buffer Overflow Vulnerability
Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a heap-based buffer-overflow vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of the user running an affected application. Failed attempts may lead to a denial-of-service condition.
Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a heap-based buffer-overflow vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of the user running an affected application. Failed attempts may lead to a denial-of-service condition.
References
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1947 Heap Buffer Overflow Vulnerability
References:
References:
- Cisco NX-OS Download Page (Cisco)
- Pale Moon Release Notes (Moonchild Productions)
- SeaMonkey Homepage (Mozilla)
- ASA-2012-284: firefox security update (RHSA-2012-0710) (Avaya)
- Cisco NX-OS Software TACACS+ Command Authorization Vulnerability (Cisco)
- Mozilla Foundation Security Advisory 2012-40 (Mozilla)