10
CVE-2012-0470
- EPSS 10.1%
- Veröffentlicht 25.04.2012 10:10:17
- Zuletzt bearbeitet 16.06.2026 23:37:21
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of "different number systems."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird Version5.0
Mozilla ≫ Thunderbird Version6.0
Mozilla ≫ Thunderbird Version6.0.1
Mozilla ≫ Thunderbird Version6.0.2
Mozilla ≫ Thunderbird Version7.0
Mozilla ≫ Thunderbird Version7.0.1
Mozilla ≫ Thunderbird Version8.0
Mozilla ≫ Thunderbird Version9.0
Mozilla ≫ Thunderbird Version9.0.1
Mozilla ≫ Thunderbird Version10.0
Mozilla ≫ Thunderbird Version10.0.1
Mozilla ≫ Thunderbird Version10.0.2
Mozilla ≫ Thunderbird Version10.0.3
Mozilla ≫ Thunderbird Version10.0.4
Mozilla ≫ Thunderbird Version11.0
Mozilla ≫ Thunderbird Esr Version10.0
Mozilla ≫ Thunderbird Esr Version10.0.1
Mozilla ≫ Thunderbird Esr Version10.0.2
Mozilla ≫ Thunderbird Esr Version10.0.3
Mozilla ≫ Thunderbird Esr Version10.0.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.1% | 0.95 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://secunia.com/advisories/48972
http://secunia.com/advisories/49047
http://secunia.com/advisories/49055
http://secunia.com/advisories/48920
http://www.debian.org/security/2012/dsa-2458
http://www.mandriva.com/security/advisories?name=MDVSA-2012:066
http://www.mandriva.com/security/advisories?name=MDVSA-2012:081
http://secunia.com/advisories/48922
http://www.debian.org/security/2012/dsa-2457
http://www.debian.org/security/2012/dsa-2464
http://www.mozilla.org/security/announce/2012/mfsa2012-23.html
http://www.securityfocus.com/bid/53225
https://bugzilla.mozilla.org/show_bug.cgi?id=734288
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16989