CVE-2012-3982

Sažetak

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Reference

http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html
http://rhn.redhat.com/errata/RHSA-2012-1351.html
http://secunia.com/advisories/50856
http://secunia.com/advisories/50892
http://secunia.com/advisories/50904
http://secunia.com/advisories/50935
http://secunia.com/advisories/50936
http://secunia.com/advisories/50984
http://secunia.com/advisories/51181
http://secunia.com/advisories/55318
http://www.debian.org/security/2012/dsa-2565
http://www.debian.org/security/2012/dsa-2569
http://www.debian.org/security/2012/dsa-2572
http://www.mandriva.com/security/advisories?name=MDVSA-2012:163
http://www.mozilla.org/security/announce/2012/mfsa2012-74.html
http://www.securityfocus.com/bid/55924
http://www.ubuntu.com/usn/USN-1611-1
https://bugzilla.mozilla.org/show_bug.cgi?id=783502
https://bugzilla.mozilla.org/show_bug.cgi?id=790856
https://bugzilla.mozilla.org/show_bug.cgi?id=794025
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16612

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

21-10-2024 - 13:55

Objavljeno

10-10-2012 - 17:55