CVE-2012-1940

Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00015.html
http://rhn.redhat.com/errata/RHSA-2012-0710.html
http://rhn.redhat.com/errata/RHSA-2012-0715.html
http://www.debian.org/security/2012/dsa-2488
http://www.debian.org/security/2012/dsa-2489
http://www.debian.org/security/2012/dsa-2499
http://www.mandriva.com/security/advisories?name=MDVSA-2012:088
http://www.mozilla.org/security/announce/2012/mfsa2012-40.html	Vendor Advisory
http://www.securityfocus.com/bid/53794
https://bugzilla.mozilla.org/show_bug.cgi?id=747688
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17054

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mozilla:firefox:4.0:::::::*
	cpe:2.3:a:mozilla:firefox:4.0:beta1::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta10::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta11::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta12::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta2::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta3::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta4::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta5::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta6::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta7::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta8::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta9::::::
	cpe:2.3:a:mozilla:firefox:4.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:5.0:::::::*
	cpe:2.3:a:mozilla:firefox:5.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:6.0:::::::*
	cpe:2.3:a:mozilla:firefox:6.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:6.0.2:::::::*
	cpe:2.3:a:mozilla:firefox:7.0:::::::*
	cpe:2.3:a:mozilla:firefox:7.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:8.0:::::::*
	cpe:2.3:a:mozilla:firefox:8.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:9.0:::::::*
	cpe:2.3:a:mozilla:firefox:9.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:10.0:::::::*
	cpe:2.3:a:mozilla:firefox:10.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:10.0.2:::::::*
	cpe:2.3:a:mozilla:firefox:10.0.3:::::::*
	cpe:2.3:a:mozilla:firefox:10.0.4:::::::*
	cpe:2.3:a:mozilla:firefox:11.0:::::::*
	cpe:2.3:a:mozilla:firefox:12.0:::::::*
	cpe:2.3:a:mozilla:firefox:12.0:beta6::::::
	cpe:2.3:a:mozilla:seamonkey::::::::
	cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0:alpha::::::
	cpe:2.3:a:mozilla:seamonkey:1.0:beta::::::
	cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1:alpha::::::
	cpe:2.3:a:mozilla:seamonkey:1.1:beta::::::
	cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1::::::
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2::::::
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3::::::
cpe:2.3:a:mozilla:seamonkey:2.0:beta_1::::::
cpe:2.3:a:mozilla:seamonkey:2.0:beta_2::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc1::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc2::::::
cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.11:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.12:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.13:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.14:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha1::::::
cpe:2.3:a:mozilla:seamonkey:2.1:alpha2::::::
cpe:2.3:a:mozilla:seamonkey:2.1:alpha3::::::
cpe:2.3:a:mozilla:seamonkey:2.1:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.1:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.1:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.1:rc1::::::
cpe:2.3:a:mozilla:seamonkey:2.1:rc2::::::
cpe:2.3:a:mozilla:seamonkey:2.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.2:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.2:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.2:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.3:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.3:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.3:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.3.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.3.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.3.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.4:::::::*
cpe:2.3:a:mozilla:seamonkey:2.4:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.4:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.4:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.4.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.5:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.5:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.5:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.5:beta4::::::
cpe:2.3:a:mozilla:seamonkey:2.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.6:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.6:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.6:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.6:beta4::::::
cpe:2.3:a:mozilla:seamonkey:2.6.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.7:::::::*
cpe:2.3:a:mozilla:seamonkey:2.7:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.7:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.7:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.7:beta4::::::
cpe:2.3:a:mozilla:seamonkey:2.7:beta5::::::
cpe:2.3:a:mozilla:seamonkey:2.7.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.7.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.8:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.8:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.8:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.8:beta4::::::
cpe:2.3:a:mozilla:seamonkey:2.8:beta5::::::
cpe:2.3:a:mozilla:seamonkey:2.8:beta6::::::
cpe:2.3:a:mozilla:seamonkey:2.9:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.9:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.9:beta3::::::
cpe:2.3:a:mozilla:thunderbird:5.0:::::::*
cpe:2.3:a:mozilla:thunderbird:6.0:::::::*
cpe:2.3:a:mozilla:thunderbird:6.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:6.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:7.0:::::::*
cpe:2.3:a:mozilla:thunderbird:7.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:8.0:::::::*
cpe:2.3:a:mozilla:thunderbird:9.0:::::::*
cpe:2.3:a:mozilla:thunderbird:9.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:11.0:::::::*
cpe:2.3:a:mozilla:thunderbird:12.0:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:::::::*

History

21 Oct 2024, 13:55

Type	Values Removed	Values Added
CPE	cpe:2.3:a:mozilla:firefox_esr:10.0.2:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.1:::::::*

21 Oct 2024, 13:11

Type	Values Removed	Values Added
CPE	cpe:2.3:a:mozilla:firefox_esr:10.0.4:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.3:::::::*	cpe:2.3:a:mozilla:firefox:10.0.3:::::::* cpe:2.3:a:mozilla:firefox:10.0.4:::::::*

Information

Published : 2012-06-05 23:55

Updated : 2024-10-21 13:55

NVD link : CVE-2012-1940

Mitre link : CVE-2012-1940

CVE.ORG link : CVE-2012-1940

JSON object : View

Products Affected

mozilla

thunderbird_esr
firefox
seamonkey
thunderbird

CWE

CWE-399

Resource Management Errors

9.3 /10