1. Home
  2. Vulnerabilities
  3. CVE-2012-0449

CVE-2012-0449

CVSS v2.0 9.3 (High)
93% Progress
EPSS 1.80 % (88th)
1.80% Progress
Affected Products 8
Advisories 10
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.

Weaknesses
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2012-02-01 16:55:01
(12 years ago)
Updated Date
2020-08-28 13:14:11
(4 years ago)

Affected Products

Debian

Mozilla

Opensuse

Suse

Configuration #1

    CPE23 From Up To
  Mozilla Firefox prior 3.6.26 version cpe:2.3:a:mozilla:firefox < 3.6.26
  Mozilla Firefox from 4.0 version and prior 10.0 version cpe:2.3:a:mozilla:firefox >= 4.0 < 10.0
  Mozilla Seamonkey prior 2.7 version cpe:2.3:a:mozilla:seamonkey < 2.7
  Mozilla Thunderbird prior 3.1.18 version cpe:2.3:a:mozilla:thunderbird < 3.1.18
  Mozilla Thunderbird from 5.0 version and prior 10.0 version cpe:2.3:a:mozilla:thunderbird >= 5.0 < 10.0

Configuration #2

    CPE23 From Up To
  Debian Linux 5.0 cpe:2.3:o:debian:debian_linux:5.0
  Debian Linux 6.0 cpe:2.3:o:debian:debian_linux:6.0

Configuration #3

    CPE23 From Up To
  Opensuse 11.4 cpe:2.3:o:opensuse:opensuse:11.4
  Suse Linux Enterprise Desktop 10 SP4 cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4
  Suse Linux Enterprise Desktop 11 SP1 cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1
  Suse Linux Enterprise Server 10 SP4 cpe:2.3:o:suse:linux_enterprise_server:10:sp4
  Suse Linux Enterprise Server 11 SP1 cpe:2.3:o:suse:linux_enterprise_server:11:sp1
  Suse Linux Enterprise Server 11 SP1 for Vmware cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware
  Suse Linux Enterprise Software Development Kit 10 SP4 cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4
  Suse Linux Enterprise Software Development Kit 11 SP1 cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1