Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.802889
Category:General
Title:Mozilla Products Multiple Vulnerabilities - July12 (Windows)
Summary:This host is installed with Mozilla firefox/thunderbird/seamonkey and is; prone to multiple vulnerabilities.
Description:Summary:
This host is installed with Mozilla firefox/thunderbird/seamonkey and is
prone to multiple vulnerabilities.

Vulnerability Insight:
- Use-after-free error exists within the functions
'nsGlobalWindow::PageHidden()', 'nsSMILTimeValueSpec::IsEventBased',
'nsDocument::AdoptNode' and 'JSDependentString::undepend'.

- Multiple unspecified errors within the browser engine can be exploited to
corrupt memory.

- An error within the feed-view functionality.

- An out-of-bounds read error within the
'ElementAnimations::EnsureStyleRuleFor()'.

- A bad cast error within the 'nsTableFrame::InsertFrames()', can be
exploited to corrupt memory.

Vulnerability Impact:
Successful exploitation could allow attackers to inject scripts, bypass
certain security restrictions, execute arbitrary code in the context of the
browser or cause a denial of service.

Affected Software/OS:
SeaMonkey version before 2.11

Thunderbird version 5.0 through 13.0

Mozilla Firefox version 4.x through 13.0

Thunderbird ESR version 10.x before 10.0.6

Mozilla Firefox ESR version 10.x before 10.0.6 on Windows

Solution:
Upgrade to Mozilla Firefox version 14.0 or ESR version 10.0.6 or later, upgrade to SeaMonkey version to 2.11 or later,
upgrade to Thunderbird version to 14.0 or ESR 10.0.6 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-1948
BugTraq ID: 54580
http://www.securityfocus.com/bid/54580
Debian Security Information: DSA-2514 (Google Search)
http://www.debian.org/security/2012/dsa-2514
Debian Security Information: DSA-2528 (Google Search)
http://www.debian.org/security/2012/dsa-2528
http://osvdb.org/84007
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16744
RedHat Security Advisories: RHSA-2012:1088
http://rhn.redhat.com/errata/RHSA-2012-1088.html
http://www.securitytracker.com/id?1027256
http://www.securitytracker.com/id?1027257
http://www.securitytracker.com/id?1027258
http://secunia.com/advisories/49963
http://secunia.com/advisories/49964
http://secunia.com/advisories/49965
http://secunia.com/advisories/49968
http://secunia.com/advisories/49972
http://secunia.com/advisories/49977
http://secunia.com/advisories/49979
http://secunia.com/advisories/49992
http://secunia.com/advisories/49993
http://secunia.com/advisories/49994
SuSE Security Announcement: SUSE-SU-2012:0895 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html
SuSE Security Announcement: SUSE-SU-2012:0896 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html
SuSE Security Announcement: openSUSE-SU-2012:0899 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html
SuSE Security Announcement: openSUSE-SU-2012:0917 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html
http://www.ubuntu.com/usn/USN-1509-1
http://www.ubuntu.com/usn/USN-1509-2
http://www.ubuntu.com/usn/USN-1510-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-1951
BugTraq ID: 54578
http://www.securityfocus.com/bid/54578
http://osvdb.org/83997
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16077
Common Vulnerability Exposure (CVE) ID: CVE-2012-1952
http://osvdb.org/83999
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16942
Common Vulnerability Exposure (CVE) ID: CVE-2012-1953
http://osvdb.org/83998
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16894
Common Vulnerability Exposure (CVE) ID: CVE-2012-1954
http://osvdb.org/83995
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16984
Common Vulnerability Exposure (CVE) ID: CVE-2012-1955
BugTraq ID: 54586
http://www.securityfocus.com/bid/54586
http://osvdb.org/83996
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17004
Common Vulnerability Exposure (CVE) ID: CVE-2012-1957
BugTraq ID: 54583
http://www.securityfocus.com/bid/54583
http://osvdb.org/84000
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16844
Common Vulnerability Exposure (CVE) ID: CVE-2012-1958
BugTraq ID: 54574
http://www.securityfocus.com/bid/54574
http://osvdb.org/84001
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16434
Common Vulnerability Exposure (CVE) ID: CVE-2012-1959
BugTraq ID: 54576
http://www.securityfocus.com/bid/54576
http://osvdb.org/84002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16920
Common Vulnerability Exposure (CVE) ID: CVE-2012-1961
BugTraq ID: 54584
http://www.securityfocus.com/bid/54584
http://osvdb.org/84003
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16993
Common Vulnerability Exposure (CVE) ID: CVE-2012-1962
BugTraq ID: 54575
http://www.securityfocus.com/bid/54575
http://osvdb.org/84004
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16729
Common Vulnerability Exposure (CVE) ID: CVE-2012-1963
BugTraq ID: 54582
http://www.securityfocus.com/bid/54582
http://osvdb.org/84005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17056
Common Vulnerability Exposure (CVE) ID: CVE-2012-1967
BugTraq ID: 54573
http://www.securityfocus.com/bid/54573
http://osvdb.org/84013
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17025
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.