1. Home
  2. Vulnerabilities
  3. CVE-2012-0444

CVE-2012-0444

CVSS v2.0 10 (High)
100% Progress
EPSS 88.55 % (99th)
88.55% Progress
Affected Products 9
Advisories 13
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.

Weaknesses
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2012-02-01 16:55:01
(12 years ago)
Updated Date
2020-08-28 13:12:55
(4 years ago)

Affected Products

Canonical

Debian

Mozilla

Opensuse

Suse

Configuration #1

    CPE23 From Up To
  Mozilla Firefox prior 3.6.26 version cpe:2.3:a:mozilla:firefox < 3.6.26
  Mozilla Firefox from 4.0 version and prior 10.0 version cpe:2.3:a:mozilla:firefox >= 4.0 < 10.0
  Mozilla Seamonkey prior 2.7 version cpe:2.3:a:mozilla:seamonkey < 2.7
  Mozilla Thunderbird prior 3.1.18 version cpe:2.3:a:mozilla:thunderbird < 3.1.18
  Mozilla Thunderbird from 5.0 version and prior 10.0 version cpe:2.3:a:mozilla:thunderbird >= 5.0 < 10.0

Configuration #2

    CPE23 From Up To
  Debian Linux 5.0 cpe:2.3:o:debian:debian_linux:5.0
  Debian Linux 6.0 cpe:2.3:o:debian:debian_linux:6.0

Configuration #3

    CPE23 From Up To
  Opensuse 11.4 cpe:2.3:o:opensuse:opensuse:11.4
  Suse Linux Enterprise Desktop 10 SP4 cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4
  Suse Linux Enterprise Desktop 11 SP1 cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1
  Suse Linux Enterprise Server 10 SP4 cpe:2.3:o:suse:linux_enterprise_server:10:sp4
  Suse Linux Enterprise Server 11 SP1 cpe:2.3:o:suse:linux_enterprise_server:11:sp1
  Suse Linux Enterprise Server 11 SP1 for Vmware cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware
  Suse Linux Enterprise Software Development Kit 10 SP4 cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4
  Suse Linux Enterprise Software Development Kit 11 SP1 cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1

Configuration #4

    CPE23 From Up To
  Canonical Ubuntu Linux 10.04 cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-
  Canonical Ubuntu Linux 10.10 cpe:2.3:o:canonical:ubuntu_linux:10.10
  Canonical Ubuntu Linux 11.04 cpe:2.3:o:canonical:ubuntu_linux:11.04
  Canonical Ubuntu Linux 11.10 cpe:2.3:o:canonical:ubuntu_linux:11.10