1. Home
  2. Vulnerabilities
  3. CVE-2012-4187

CVE-2012-4187

CVSS v2.0 9.3 (High)
93% Progress
EPSS 3.53 % (92th)
3.53% Progress
Affected Products 13
Advisories 8
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.

Weaknesses
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2012-10-10 17:55:02
(12 years ago)
Updated Date
2020-08-10 14:59:58
(4 years ago)

Affected Products

Canonical

Mozilla

Redhat

Suse

Configuration #1

    CPE23 From Up To
  Mozilla Firefox Esr prior 10.0.8 version cpe:2.3:a:mozilla:firefox_esr < 10.0.8

Configuration #2

    CPE23 From Up To
  Mozilla Thunderbird Esr prior 10.0.8 version cpe:2.3:a:mozilla:thunderbird_esr < 10.0.8

Configuration #3

    CPE23 From Up To
  Mozilla Firefox prior 16.0 version cpe:2.3:a:mozilla:firefox < 16.0

Configuration #4

    CPE23 From Up To
  Mozilla Thunderbird prior 16.0 version cpe:2.3:a:mozilla:thunderbird < 16.0

Configuration #5

    CPE23 From Up To
  Mozilla Seamonkey prior 2.13 version cpe:2.3:a:mozilla:seamonkey < 2.13

Configuration #6

    CPE23 From Up To
  Canonical Ubuntu Linux 10.04 cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-
  Canonical Ubuntu Linux 11.04 cpe:2.3:o:canonical:ubuntu_linux:11.04
  Canonical Ubuntu Linux 11.10 cpe:2.3:o:canonical:ubuntu_linux:11.10
  Canonical Ubuntu Linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm
  Redhat Enterprise Linux Desktop 5.0 cpe:2.3:o:redhat:enterprise_linux_desktop:5.0
  Redhat Enterprise Linux Desktop 6.0 cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
  Redhat Enterprise Linux Eus 6.3 cpe:2.3:o:redhat:enterprise_linux_eus:6.3
  Redhat Enterprise Linux Server 5.0 cpe:2.3:o:redhat:enterprise_linux_server:5.0
  Redhat Enterprise Linux Server 6.0 cpe:2.3:o:redhat:enterprise_linux_server:6.0
  Redhat Enterprise Linux Workstation 5.0 cpe:2.3:o:redhat:enterprise_linux_workstation:5.0
  Redhat Enterprise Linux Workstation 6.0 cpe:2.3:o:redhat:enterprise_linux_workstation:6.0

Configuration #7

    CPE23 From Up To
  Suse Linux Enterprise Desktop 10 SP4 cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4
  Suse Linux Enterprise Desktop 11 SP3 cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3
  Suse Linux Enterprise Sdk 10 SP4 cpe:2.3:o:suse:linux_enterprise_sdk:10:sp4
  Suse Linux Enterprise Server 10 SP4 cpe:2.3:o:suse:linux_enterprise_server:10:sp4
  Suse Linux Enterprise Server 11 SP3 cpe:2.3:o:suse:linux_enterprise_server:11:sp3
  Suse Linux Enterprise Server 11 SP3 for Vmware cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware