CVE-2012-0459 — Mozilla Seamonkey vulnerability

CWE-26410 documents6 sources

Severity

7.5HIGHNVD

EPSS

3.4%

top 12.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Seamonkey Mozilla Firefox Mozilla Firefox ESR +2 more

Timeline

PublishedMar 14

Latest updateMay 4

Description

The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages5 packages

▶NVDmozilla/firefox14 versions+13

▶NVDmozilla/firefox_esr10.1, 10.2+1

▶NVDmozilla/thunderbird9 versions+8

▶NVDmozilla/thunderbird_esr10.0, 10.0.1, 10.0.2+2

▶NVDmozilla/seamonkey2.7+60

🔴Vulnerability Details

GHSA

GHSA-fvwj-74w8-g42q: The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4↗2022-05-04

▶

CVEList

CVE-2012-0459: The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4↗2012-03-14

▶

📋Vendor Advisories

Ubuntu

GSettings desktop schemas regression↗2012-04-20

▶

Ubuntu

Thunderbird regressions↗2012-04-03

▶

Ubuntu

Thunderbird vulnerabilities↗2012-03-21

▶

Ubuntu

ubufox update↗2012-03-16

▶

Ubuntu

Firefox vulnerabilities↗2012-03-16

▶

💬Community

Bugzilla

CVE-2012-0459 Mozilla: Crash when accessing keyframe cssText after dynamic modification (MFSA 2012-17)↗2012-03-14

▶