Lucene search

MitreCVE-2012-3957

HistoryAug 29, 2012 - 10:56 a.m.

CVE-2012-3957

2012-08-2910:56:40

CWE-787

mitre

web.nvd.nist.gov

cve-2012-3957

buffer overflow

mozilla firefox

security vulnerability

remote code execution

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.6

Confidence

High

EPSS

0.053

Percentile

93.1%

JSON

Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.

Affected configurations

Nvd

Node

mozillafirefoxRange<15.0

mozillafirefox_esrRange10.0–10.0.7

mozillaseamonkeyRange<2.12

mozillathunderbirdRange<15.0

mozillathunderbird_esrRange10.0–10.0.7

Node

opensuseopensuseMatch12.2

suselinux_enterprise_desktopMatch10sp4-

suselinux_enterprise_desktopMatch11sp2

suselinux_enterprise_serverMatch10sp4-

suselinux_enterprise_serverMatch11sp2-

suselinux_enterprise_serverMatch11sp2vmware

suselinux_enterprise_software_development_kitMatch11sp2

Node

redhatenterprise_linux_desktopMatch5.0

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_eusMatch6.3

redhatenterprise_linux_serverMatch5.0

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_server_eusMatch6.3

redhatenterprise_linux_workstationMatch5.0

redhatenterprise_linux_workstationMatch6.0

Node

canonicalubuntu_linuxMatch10.04

canonicalubuntu_linuxMatch11.04

canonicalubuntu_linuxMatch11.10

canonicalubuntu_linuxMatch12.04esm

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillafirefox_esr*cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
mozillathunderbird*cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
mozillathunderbird_esr*cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*
opensuseopensuse12.2cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
suselinux_enterprise_desktop10cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
suselinux_enterprise_desktop11cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
suselinux_enterprise_server10cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::
mozilla	firefox_esr	*	cpe:2.3:a:mozilla:firefox_esr::::::::
mozilla	seamonkey	*	cpe:2.3:a:mozilla:seamonkey::::::::
mozilla	thunderbird	*	cpe:2.3:a:mozilla:thunderbird::::::::
mozilla	thunderbird_esr	*	cpe:2.3:a:mozilla:thunderbird_esr::::::::
opensuse	opensuse	12.2	cpe:2.3:o:opensuse:opensuse:12.2:::::::*
suse	linux_enterprise_desktop	10	cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:::-:::*
suse	linux_enterprise_desktop	11	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2::::::
suse	linux_enterprise_server	10	cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::-:::*
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp2::::-::*