CVE-2012-3995high
Description
The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
References
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html
http://rhn.redhat.com/errata/RHSA-2012-1351.html
http://secunia.com/advisories/50856
http://secunia.com/advisories/50892
http://secunia.com/advisories/50904
http://secunia.com/advisories/50935
http://secunia.com/advisories/50936
http://secunia.com/advisories/50984
http://secunia.com/advisories/55318
http://www.mandriva.com/security/advisories?name=MDVSA-2012:163
http://www.mozilla.org/security/announce/2012/mfsa2012-85.html
http://www.securityfocus.com/bid/56136
http://www.ubuntu.com/usn/USN-1611-1
https://bugzilla.mozilla.org/show_bug.cgi?id=765621
https://exchange.xforce.ibmcloud.com/vulnerabilities/79156
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16808