CVE-2012-1939

CVSS v2.0 9.3 (High)

EPSS 4.06 % (92^th)

Affected Products 2

Advisories 6

jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ESR 10.x before 10.0.5 does not properly determine data types, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted JavaScript code.

Weaknesses

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2012-06-05 23:55:01
(12 years ago)
Updated Date: 2017-12-29 02:29:14
(6 years ago)

Affected Products

Mozilla

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox Esr 10.0	cpe:2.3:a:mozilla:firefox_esr:10.0
	Mozilla Firefox Esr 10.0.1	cpe:2.3:a:mozilla:firefox_esr:10.0.1
	Mozilla Firefox Esr 10.0.2	cpe:2.3:a:mozilla:firefox_esr:10.0.2
	Mozilla Firefox Esr 10.0.3	cpe:2.3:a:mozilla:firefox_esr:10.0.3
	Mozilla Firefox Esr 10.0.4	cpe:2.3:a:mozilla:firefox_esr:10.0.4

Configuration #2

		CPE23	From	Up To
	Mozilla Thunderbird Esr 10.0	cpe:2.3:a:mozilla:thunderbird_esr:10.0
	Mozilla Thunderbird Esr 10.0.1	cpe:2.3:a:mozilla:thunderbird_esr:10.0.1
	Mozilla Thunderbird Esr 10.0.2	cpe:2.3:a:mozilla:thunderbird_esr:10.0.2
	Mozilla Thunderbird Esr 10.0.3	cpe:2.3:a:mozilla:thunderbird_esr:10.0.3
	Mozilla Thunderbird Esr 10.0.4	cpe:2.3:a:mozilla:thunderbird_esr:10.0.4