Canonical

Ubuntu Linux

4108 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2012-4215

Exploit
  • EPSS 2.34%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote ...

9.3

CVE-2012-4216

Exploit
  • EPSS 4.11%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to exe...

9.3

CVE-2012-4217

Exploit
  • EPSS 2.14%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap ...

10

CVE-2012-4218

  • EPSS 1.53%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service ...

4.3

CVE-2012-4201

Exploit
  • EPSS 1.96%
  • Veröffentlicht 21.11.2012 12:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code...

9.3

CVE-2012-4202

  • EPSS 3.49%
  • Veröffentlicht 21.11.2012 12:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attacker...

9.3

CVE-2012-4204

Exploit
  • EPSS 2.25%
  • Veröffentlicht 21.11.2012 12:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application cr...

6.8

CVE-2012-4205

  • EPSS 0.8%
  • Veröffentlicht 21.11.2012 12:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which allows remote attackers to conduct cross-site reques...

6.8

CVE-2012-4564

Exploit
  • EPSS 27.17%
  • Veröffentlicht 11.11.2012 13:00:58
  • Zuletzt bearbeitet 29.04.2026 01:13:23

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory...

5.9

CVE-2012-5821

Exploit
  • EPSS 0.24%
  • Veröffentlicht 04.11.2012 22:55:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.