10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.713 High
EPSS
Percentile
98.1%
Versions of Firefox 16.x are potentially affected by the following security issues :
Multiple memory-corruption vulnerabilities in the browser engine that could lead to arbitrary code execution. (CVE-2012-3982, CVE-2012-3983, CVE-2012-4191)
A URI-spoofing vulnerability due to an error when handling the ‘<select>’ dropdown menu. This issue can be exploited to display arbitrary content while showing the URL of another site. An attacker can also exploit this issue to cause click jacking attacks. (CVE-2012-3984)
A security-bypass vulnerability exists because it fails to properly enforce the same-origin policy. Specifically, the error occurs when handling ‘document.domain’. An attacker can exploit this issue to execute cross-site scripting attacks. (CVE-2012-3985)
Multiple security bypass vulnerabilities exists in the ‘nsDOMWindowUtils’ methods. (CVE-2012-3986)
A cross-site scripting vulnerability exists because it fails to sufficiently sanitize user-supplied input. Specifically, this issue occurs when transitioning into Reader Mode. Note: This issue affects only Firefox for Android. CVE-2012-3987)
A use-after-free issue occurs when invoking full screen mode and navigating backwards in history. (CVE-2012-3988)
A denial-of-service vulnerability that occurs due to invalid cast error. Specifically, this issue occurs when using the instanceof operator on certain JavaScript objects. (CVE-2012-3989)
A security-bypass vulnerability exists because it fails to properly enforce the cross-origin policy. Specifically, this issue occurs when invoking the ‘GetProperty()’ function through JSAPI. An attacker can exploit this issue to perform arbitrary code-execution. (CVE-2012-3991)
A cross-site scripting vulnerability exists because it fails to sufficiently sanitize user-supplied input. Specifically, this issue occurs when handling the ‘location’ property through binary plugins. (CVE-2012-3994)
A security-bypass vulnerability exists because of an error in the Chrome Object Wrapper (COW) when handling the ‘InstallTrigger’ object. An attacker can exploit this issue to access certain privileged functions and properties. (CVE-2012-4184, CVE-2012-3993)
An arbitrary code-execution occurs when handling the ‘location.hash’ property and history navigation. (CVE-2012-3992)
An out-of-bounds read error affects the ‘IsCSSWordSpacingSpace()’ function. (CVE-2012-3995)
A use-after-free error affects the ‘nsHTMLCSSUtils::CreateCSSPropertyTxn()’ function. (CVE-2012-4179)
A heap-based buffer-overflow vulnerability exists in the ‘nsHTMLEditor::IsPrevCharInNodeWhitespace()’ function. (CVE-2012-4180)
A use-after-free error affects the ‘nsSMILAnimationController::DoSample()’ function. (CVE-2012-4181)
A use-after-free error affects the ‘nsTextEditRules::WillInsert()’ function. (CVE-2012-4182)
A use-after-free error affects the ‘DOMSVGTests::GetRequiredFeatures()’ function. (CVE-2012-4183)
A buffer-overflow vulnerability exists in the ‘nsCharTraits::length()’ function. (CVE-2012-4185)
A heap-based buffer-overflow vulnerability exists in the 'nsWaveReader::DecodeAudioData()" function. (CVE-2012-4186)
A memory-corruption vulnerability exists in the ‘insPos’ property. (CVE-2012-4187)
A heap-based buffer-overflow exists in the ‘Convolve3x3()’ function. (CVE-2012-4188)
A use-after-free error affects the ‘nsIContent::GetNameSpaceID()’ function. (CVE-2012-3990)
A cross domain information disclosure exists due to improper access to the ‘location’ object. (CVE-2012-4192)
A security-bypass vulnerability exists due to an error in security wrappers does not unwrap the ‘defaultValue()’ function properly. An attacker can exploit this issue to gain access to the ‘location’ object. (CVE-2012-4193)
These vulnerabilities allow attackers to execute arbitrary script or HTML code, steal cookie-based authentication credentials, conduct phishing attacks, execute arbitrary code in the context of the vulnerable application, crash affected applications, obtain potentially sensitive information, gain escalated privileges, bypass security restrictions, and perform unauthorized actions; other attacks may also be possible.
Binary data 801301.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3982
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3983
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3984
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3985
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3986
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3987
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3988
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3989
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3990
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3991
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3992
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3993
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3994
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3995
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4179
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4180
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4181
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4182
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4183
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4184
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4185
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4186
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4187
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4188
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4191
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4192
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5354
www.mozilla.org/security/announce/2012/mfsa2012-74.html
www.mozilla.org/security/announce/2012/mfsa2012-75.html
www.mozilla.org/security/announce/2012/mfsa2012-76.html
www.mozilla.org/security/announce/2012/mfsa2012-77.html
www.mozilla.org/security/announce/2012/mfsa2012-78.html
www.mozilla.org/security/announce/2012/mfsa2012-79.html
www.mozilla.org/security/announce/2012/mfsa2012-80.html
www.mozilla.org/security/announce/2012/mfsa2012-81.html
www.mozilla.org/security/announce/2012/mfsa2012-82.html
www.mozilla.org/security/announce/2012/mfsa2012-83.html
www.mozilla.org/security/announce/2012/mfsa2012-84.html
www.mozilla.org/security/announce/2012/mfsa2012-85.html
www.mozilla.org/security/announce/2012/mfsa2012-86.html
www.mozilla.org/security/announce/2012/mfsa2012-87.html