CVE-2012-0452

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-0452 at MITRE

Description

Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding.

NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

SUSE information

SUSE Bugzilla entries: 746616, 746663

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
  • MozillaFirefox >= 10.0.1-0.4.1
  • MozillaFirefox-translations >= 10.0.1-0.4.1
  • mhtml-firefox >= 0.5-1.47.47.1
sles11-sp2.x86-64
sles11-sp1.x86-64
sles11-sp1.s390x
sles11-sp1.ia64
sles11-sp1-vmware.x86
sles11-sp2.s390x
sles11-sp1.ia64
sles11-sp2.ppc
sles11-sp1.x86-64
sles11-sp2.x86
sled11-sp2.x86
sles11-sp2.ia64
sles11-sp1.x86
sled11-sp2.x86-64
sled11-sp1.x86
sles11-sp1.s390x
sles11-sp1.x86
sles11-sp1.ppc
sles11-sp1.ppc
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
SAT Patch Nr: 5807
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP2
  • MozillaFirefox >= 10.0.1-0.4.1
  • MozillaFirefox-translations >= 10.0.1-0.4.1
sles11-sp2.x86-64
sles11-sp1.x86-64
sles11-sp1.s390x
sles11-sp1.ia64
sles11-sp1-vmware.x86
sles11-sp2.s390x
sles11-sp1.ia64
sles11-sp2.ppc
sles11-sp1.x86-64
sles11-sp2.x86
sled11-sp2.x86
sles11-sp2.ia64
sles11-sp1.x86
sled11-sp2.x86-64
sled11-sp1.x86
sles11-sp1.s390x
sles11-sp1.x86
sles11-sp1.ppc
sles11-sp1.ppc
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
SAT Patch Nr: 5807
openSUSE 11.4
  • seamonkey >= 2.7.1-0.2.1
  • seamonkey-dom-inspector >= 2.7.1-0.2.1
  • seamonkey-irc >= 2.7.1-0.2.1
  • seamonkey-translations-common >= 2.7.1-0.2.1
  • seamonkey-translations-other >= 2.7.1-0.2.1
  • seamonkey-venkman >= 2.7.1-0.2.1
openSUSE 11.4
  • MozillaFirefox >= 10.0.1-0.2.1
  • MozillaFirefox-branding-upstream >= 10.0.1-0.2.1
  • MozillaFirefox-buildsymbols >= 10.0.1-0.2.1
  • MozillaFirefox-devel >= 10.0.1-0.2.1
  • MozillaFirefox-translations-common >= 10.0.1-0.2.1
  • MozillaFirefox-translations-other >= 10.0.1-0.2.1
openSUSE 11.4
  • MozillaFirefox >= 10.0.1-0.2.1
  • MozillaFirefox-branding-upstream >= 10.0.1-0.2.1
  • MozillaFirefox-buildsymbols >= 10.0.1-0.2.1
  • MozillaFirefox-debuginfo >= 10.0.1-0.2.1
  • MozillaFirefox-debugsource >= 10.0.1-0.2.1
  • MozillaFirefox-devel >= 10.0.1-0.2.1
  • MozillaFirefox-translations-common >= 10.0.1-0.2.1
  • MozillaFirefox-translations-other >= 10.0.1-0.2.1
  • MozillaThunderbird >= 12.0-18.1
  • MozillaThunderbird-buildsymbols >= 12.0-18.1
  • MozillaThunderbird-debuginfo >= 12.0-18.1
  • MozillaThunderbird-debugsource >= 12.0-18.1
  • MozillaThunderbird-devel >= 12.0-18.1
  • MozillaThunderbird-translations-common >= 12.0-18.1
  • MozillaThunderbird-translations-other >= 12.0-18.1
  • enigmail >= 1.4.1+12.0-18.1
  • enigmail-debuginfo >= 1.4.1+12.0-18.1
  • seamonkey >= 2.7.1-0.2.1
  • seamonkey-debuginfo >= 2.7.1-0.2.1
  • seamonkey-debugsource >= 2.7.1-0.2.1
  • seamonkey-dom-inspector >= 2.7.1-0.2.1
  • seamonkey-irc >= 2.7.1-0.2.1
  • seamonkey-translations-common >= 2.7.1-0.2.1
  • seamonkey-translations-other >= 2.7.1-0.2.1
  • seamonkey-venkman >= 2.7.1-0.2.1
Patchnames:
MozillaFirefox
openSUSE-2012-254
seamonkey
openSUSE Evergreen 11.4
  • MozillaFirefox >= 24.8.0-127.1
  • MozillaFirefox-branding-upstream >= 24.8.0-127.1
  • MozillaFirefox-buildsymbols >= 24.8.0-127.1
  • MozillaFirefox-debuginfo >= 24.8.0-127.1
  • MozillaFirefox-debugsource >= 24.8.0-127.1
  • MozillaFirefox-devel >= 24.8.0-127.1
  • MozillaFirefox-translations-common >= 24.8.0-127.1
  • MozillaFirefox-translations-other >= 24.8.0-127.1
  • libfreebl3 >= 3.16.4-94.1
  • libfreebl3-32bit >= 3.16.4-94.1
  • libfreebl3-debuginfo >= 3.16.4-94.1
  • libfreebl3-debuginfo-32bit >= 3.16.4-94.1
  • libfreebl3-debuginfo-x86 >= 3.16.4-94.1
  • libfreebl3-x86 >= 3.16.4-94.1
  • libsoftokn3 >= 3.16.4-94.1
  • libsoftokn3-32bit >= 3.16.4-94.1
  • libsoftokn3-debuginfo >= 3.16.4-94.1
  • libsoftokn3-debuginfo-32bit >= 3.16.4-94.1
  • libsoftokn3-debuginfo-x86 >= 3.16.4-94.1
  • libsoftokn3-x86 >= 3.16.4-94.1
  • mozilla-nss >= 3.16.4-94.1
  • mozilla-nss-32bit >= 3.16.4-94.1
  • mozilla-nss-certs >= 3.16.4-94.1
  • mozilla-nss-certs-32bit >= 3.16.4-94.1
  • mozilla-nss-certs-debuginfo >= 3.16.4-94.1
  • mozilla-nss-certs-debuginfo-32bit >= 3.16.4-94.1
  • mozilla-nss-certs-debuginfo-x86 >= 3.16.4-94.1
  • mozilla-nss-certs-x86 >= 3.16.4-94.1
  • mozilla-nss-debuginfo >= 3.16.4-94.1
  • mozilla-nss-debuginfo-32bit >= 3.16.4-94.1
  • mozilla-nss-debuginfo-x86 >= 3.16.4-94.1
  • mozilla-nss-debugsource >= 3.16.4-94.1
  • mozilla-nss-devel >= 3.16.4-94.1
  • mozilla-nss-sysinit >= 3.16.4-94.1
  • mozilla-nss-sysinit-32bit >= 3.16.4-94.1
  • mozilla-nss-sysinit-debuginfo >= 3.16.4-94.1
  • mozilla-nss-sysinit-debuginfo-32bit >= 3.16.4-94.1
  • mozilla-nss-sysinit-debuginfo-x86 >= 3.16.4-94.1
  • mozilla-nss-sysinit-x86 >= 3.16.4-94.1
  • mozilla-nss-tools >= 3.16.4-94.1
  • mozilla-nss-tools-debuginfo >= 3.16.4-94.1
  • mozilla-nss-x86 >= 3.16.4-94.1
Patchnames:
2014-82