Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-3989
HistoryOct 10, 2012 - 5:55 p.m.

CVE-2012-3989

2012-10-1017:55:01
CWE-119
[email protected]
web.nvd.nist.gov
36
cve-2012-3989
mozilla firefox
thunderbird
seamonkey
instance type confusion
vulnerability
nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.5 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.1%

JSON

Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perform a cast of an unspecified variable during use of the instanceof operator on a JavaScript object, which allows remote attackers to execute arbitrary code or cause a denial of service (assertion failure) via a crafted web site.

Affected configurations

NVD
Node
mozillafirefoxRange<16.0
OR
mozillaseamonkeyRange<2.13
OR
mozillathunderbirdRange<16.0
Node
canonicalubuntu_linuxMatch10.04
OR
canonicalubuntu_linuxMatch11.04
OR
canonicalubuntu_linuxMatch11.10
OR
canonicalubuntu_linuxMatch12.04esm
Node
suselinux_enterprise_desktopMatch10sp4-
OR
suselinux_enterprise_desktopMatch11sp2
OR
suselinux_enterprise_serverMatch10sp4-
OR
suselinux_enterprise_serverMatch11sp2-
OR
suselinux_enterprise_serverMatch11sp2vmware

Related

openvas 24
cvelist 1
prion 1
ubuntucve 1
nvd 1
mozilla 1
nessus 19
ubuntu 2
suse 3
freebsd 1
securityvulns 1
gentoo 1
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2012-80) - Linux
2021-11-11 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities - Oct 12 (Mac OS X)
2013-07-12 00:00:00
Mozilla Seamonkey Multiple Vulnerabilities (Oct 2012) - Mac OS X
2013-07-12 00:00:00
cvelist
cvelist
CVE-2012-3989
2012-10-10 17:00:00
prion
prion
Code injection
2012-10-10 17:55:00
ubuntucve
ubuntucve
CVE-2012-3989
2012-10-09 00:00:00
nvd
nvd
CVE-2012-3989
2012-10-10 17:55:01
mozilla
mozilla
Crash with invalid cast when using instanceof operator — Mozilla
2012-10-09 00:00:00
nessus
nessus
Mozilla Thunderbird < 16.0 Multiple Vulnerabilities
2012-10-17 00:00:00
Firefox < 16.0 Multiple Vulnerabilities
2012-10-17 00:00:00
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox vulnerabilities (USN-1600-1)
2012-10-10 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2012-10-09 00:00:00
Thunderbird vulnerabilities
2012-10-12 00:00:00
suse
suse
MozillaFirefox: update to Firefox 16.0.1 (important)
2012-10-15 15:08:30
Security update for Mozilla Firefox (important)
2012-10-16 22:08:48
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-10-09 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-10-29 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.5 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.1%

JSON
Related for CVE-2012-3989
openvas24cvelist1prion1ubuntucve1nvd1mozilla1nessus19ubuntu2suse3freebsd1securityvulns1gentoo1