CVE-2012-1947

HIGH

Description

Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure.

ID	Name	Product	Family	Severity
74655	openSUSE Security Update : MozillaFirefox / MozillaThunderbird / mozilla-nss / etc (openSUSE-SU-2012:0760-1)	Nessus	SuSE Local Security Checks	critical
68536	Oracle Linux 6 : thunderbird (ELSA-2012-0715)	Nessus	Oracle Linux Local Security Checks	critical
68535	Oracle Linux 5 / 6 : firefox (ELSA-2012-0710)	Nessus	Oracle Linux Local Security Checks	critical
64208	SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 6425)	Nessus	SuSE Local Security Checks	critical
63402	GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)	Nessus	Gentoo Local Security Checks	critical
59767	Debian DSA-2489-1 : iceape - several vulnerabilities	Nessus	Debian Local Security Checks	high
59766	Debian DSA-2488-1 : iceweasel - several vulnerabilities	Nessus	Debian Local Security Checks	high
59725	Ubuntu 11.04 : thunderbird vulnerabilities (USN-1463-6)	Nessus	Ubuntu Local Security Checks	critical
59681	Mandriva Linux Security Advisory : mozilla (MDVSA-2012:088-1)	Nessus	Mandriva Local Security Checks	critical
59654	Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : thunderbird vulnerabilities (USN-1463-4)	Nessus	Ubuntu Local Security Checks	critical
59640	Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox regressions (USN-1463-3)	Nessus	Ubuntu Local Security Checks	critical
59520	SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8189)	Nessus	SuSE Local Security Checks	critical
801375	Mozilla SeaMonkey 2.x < 2.10 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
6496	SeaMonkey 2.x < 2.10 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
59412	CentOS 5 / 6 : thunderbird (CESA-2012:0715)	Nessus	CentOS Local Security Checks	critical
801297	Mozilla Firefox 12.x < 12 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801240	Mozilla Thunderbird 12.x < 12 Multiple Vulnerabilities	Log Correlation Engine	SMTP Clients	high
59411	SeaMonkey < 2.10.0 Multiple Vulnerabilities	Nessus	Windows	high
59410	Mozilla Thunderbird 10.0.x < 10.0.5 Multiple Vulnerabilities	Nessus	Windows	high
59409	Mozilla Thunderbird < 13.0 Multiple Vulnerabilities	Nessus	Windows	high
59408	Firefox 10.0.x < 10.0.5 Multiple Vulnerabilities	Nessus	Windows	high
59407	Firefox < 13.0 Multiple Vulnerabilities	Nessus	Windows	high
59406	Thunderbird 10.0.x < 10.0.5 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	high
59405	Thunderbird < 13.0 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	high
59404	Firefox < 10.0.5 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	high
59403	Firefox < 13.0 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	high
59394	Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox vulnerabilities (USN-1463-1)	Nessus	Ubuntu Local Security Checks	critical
59392	RHEL 5 / 6 : thunderbird (RHSA-2012:0715)	Nessus	Red Hat Local Security Checks	critical
59388	CentOS 5 / 6 : firefox (CESA-2012:0710)	Nessus	CentOS Local Security Checks	critical
6498	Mozilla Thunderbird < 13.0 Multiple Vulnerabilities	Nessus Network Monitor	SMTP Clients	high
6497	Mozilla Firefox < 13.0 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
59383	RHEL 5 / 6 : firefox (RHSA-2012:0710)	Nessus	Red Hat Local Security Checks	critical
59381	FreeBSD : mozilla -- multiple vulnerabilities (bfecf7c1-af47-11e1-9580-4061862b8c22)	Nessus	FreeBSD Local Security Checks	critical

CVE-2012-1947

Description

References

Details

Risk Information

CVSS v2.0