CVE-2012-1938

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.

References

http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00012.html

http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00015.html

http://rhn.redhat.com/errata/RHSA-2012-0710.html

http://rhn.redhat.com/errata/RHSA-2012-0715.html

http://www.mandriva.com/security/advisories?name=MDVSA-2012:088

http://www.mozilla.org/security/announce/2012/mfsa2012-34.html

http://www.securityfocus.com/bid/53796

https://bugzilla.mozilla.org/show_bug.cgi?id=670317

https://bugzilla.mozilla.org/show_bug.cgi?id=699594

https://bugzilla.mozilla.org/show_bug.cgi?id=708688

https://bugzilla.mozilla.org/show_bug.cgi?id=716067

https://bugzilla.mozilla.org/show_bug.cgi?id=718852

https://bugzilla.mozilla.org/show_bug.cgi?id=723773

https://bugzilla.mozilla.org/show_bug.cgi?id=723971

https://bugzilla.mozilla.org/show_bug.cgi?id=730415

https://bugzilla.mozilla.org/show_bug.cgi?id=736012

https://bugzilla.mozilla.org/show_bug.cgi?id=748948

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17058

Details

Source: MITRE

Published: 2012-06-05

Updated: 2020-08-28

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (27 total)

IDNameProductFamilySeverity
74655openSUSE Security Update : MozillaFirefox / MozillaThunderbird / mozilla-nss / etc (openSUSE-SU-2012:0760-1)NessusSuSE Local Security Checks
critical
68536Oracle Linux 6 : thunderbird (ELSA-2012-0715)NessusOracle Linux Local Security Checks
critical
68535Oracle Linux 5 / 6 : firefox (ELSA-2012-0710)NessusOracle Linux Local Security Checks
critical
64208SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 6425)NessusSuSE Local Security Checks
critical
63402GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)NessusGentoo Local Security Checks
critical
59725Ubuntu 11.04 : thunderbird vulnerabilities (USN-1463-6)NessusUbuntu Local Security Checks
critical
59681Mandriva Linux Security Advisory : mozilla (MDVSA-2012:088-1)NessusMandriva Local Security Checks
critical
59654Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : thunderbird vulnerabilities (USN-1463-4)NessusUbuntu Local Security Checks
critical
59640Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox regressions (USN-1463-3)NessusUbuntu Local Security Checks
critical
59520SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8189)NessusSuSE Local Security Checks
critical
801375Mozilla SeaMonkey 2.x < 2.10 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
6496SeaMonkey 2.x < 2.10 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
59412CentOS 5 / 6 : thunderbird (CESA-2012:0715)NessusCentOS Local Security Checks
critical
801297Mozilla Firefox 12.x < 12 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
801240Mozilla Thunderbird 12.x < 12 Multiple VulnerabilitiesLog Correlation EngineSMTP Clients
high
6498Mozilla Thunderbird < 13.0 Multiple VulnerabilitiesNessus Network MonitorSMTP Clients
high
6497Mozilla Firefox < 13.0 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
59411SeaMonkey < 2.10.0 Multiple VulnerabilitiesNessusWindows
high
59409Mozilla Thunderbird < 13.0 Multiple VulnerabilitiesNessusWindows
high
59407Firefox < 13.0 Multiple VulnerabilitiesNessusWindows
high
59405Thunderbird < 13.0 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
high
59403Firefox < 13.0 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
high
59394Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox vulnerabilities (USN-1463-1)NessusUbuntu Local Security Checks
critical
59392RHEL 5 / 6 : thunderbird (RHSA-2012:0715)NessusRed Hat Local Security Checks
critical
59388CentOS 5 / 6 : firefox (CESA-2012:0710)NessusCentOS Local Security Checks
critical
59383RHEL 5 / 6 : firefox (RHSA-2012:0710)NessusRed Hat Local Security Checks
critical
59381FreeBSD : mozilla -- multiple vulnerabilities (bfecf7c1-af47-11e1-9580-4061862b8c22)NessusFreeBSD Local Security Checks
critical