CVE-2012-0468 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Seamonkey

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents6 sources

Severity

10.0CRITICALNVD

EPSS

2.5%

top 14.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Seamonkey Mozilla Firefox Mozilla Thunderbird

Timeline

PublishedApr 25

Latest updateMay 4

Description

The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDmozilla/seamonkey2.9+64

▶NVDmozilla/firefox17 versions+16

▶NVDmozilla/thunderbird15 versions+14

🔴Vulnerability Details

GHSA

GHSA-gj4g-fgvc-6grf: The browser engine in Mozilla Firefox 4↗2022-05-04

▶

CVEList

CVE-2012-0468: The browser engine in Mozilla Firefox 4↗2012-04-25

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2012-05-04

▶

Ubuntu

ubufox update↗2012-04-27

▶

Ubuntu

Firefox vulnerabilities↗2012-04-27

▶

Red Hat

Mozilla: Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4) (MFSA 2012-20)↗2012-04-24

▶

💬Community

Bugzilla

CVE-2012-0467 CVE-2012-0468 Mozilla: Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4) (MFSA 2012-20)↗2012-04-22

▶