CVE-2012-3105 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Seamonkey
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents5 sources
Severity
9.3CRITICALNVD
CNA10.0
EPSS
3.2%
top 12.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 5
Latest updateMay 17
Description
The glBufferData function in the WebGL implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not properly mitigate an unspecified flaw in an NVIDIA driver, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a related issue to CVE-2011-3101.
CVSS vector
AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0
Affected Packages4 packages
🔴Vulnerability Details
4📋Vendor Advisories
2💬Community
3Bugzilla▶
CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-3105 Mozilla: Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5) (MFSA 2012-34)↗2012-06-03