CVE-2012-0452
SUSE Linux Enterprise Desktop 11 SP1,SUSE Linux Enterprise Desktop 11 SP2,SUSE Linux Enterprise Server 11 SP1,SUSE Linux Enterprise Server 11 SP1 for VMware,SUSE Linux Enterprise Server 11 SP2,openSUSE 11.4
CVE-2012-0452, security advisory, novell, suse linux, suse, security, cve

CVE-2012-0452

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-0452 at MITRE

Description

Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.48
Vector AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entries: 746616 [RESOLVED / FIXED], 746663 [CLOSED / DUPLICATE]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
  • MozillaFirefox >= 10.0.1-0.4.1
  • MozillaFirefox-translations >= 10.0.1-0.4.1
  • mhtml-firefox >= 0.5-1.47.47.1
sles11-sp2.x86-64
sles11-sp1.x86-64
sles11-sp1.s390x
sles11-sp1.ia64
sles11-sp1-vmware.x86
sles11-sp2.s390x
sles11-sp1.ia64
sles11-sp2.ppc
sles11-sp1.x86-64
sles11-sp2.x86
sled11-sp2.x86
sles11-sp2.ia64
sles11-sp1.x86
sled11-sp2.x86-64
sled11-sp1.x86
sles11-sp1.s390x
sles11-sp1.x86
sles11-sp1.ppc
sles11-sp1.ppc
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
SAT Patch Nr: 5807
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP2
  • MozillaFirefox >= 10.0.1-0.4.1
  • MozillaFirefox-translations >= 10.0.1-0.4.1
sles11-sp2.x86-64
sles11-sp1.x86-64
sles11-sp1.s390x
sles11-sp1.ia64
sles11-sp1-vmware.x86
sles11-sp2.s390x
sles11-sp1.ia64
sles11-sp2.ppc
sles11-sp1.x86-64
sles11-sp2.x86
sled11-sp2.x86
sles11-sp2.ia64
sles11-sp1.x86
sled11-sp2.x86-64
sled11-sp1.x86
sles11-sp1.s390x
sles11-sp1.x86
sles11-sp1.ppc
sles11-sp1.ppc
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
SAT Patch Nr: 5807
openSUSE 11.4
  • seamonkey >= 2.7.1-0.2.1
  • seamonkey-dom-inspector >= 2.7.1-0.2.1
  • seamonkey-irc >= 2.7.1-0.2.1
  • seamonkey-translations-common >= 2.7.1-0.2.1
  • seamonkey-translations-other >= 2.7.1-0.2.1
  • seamonkey-venkman >= 2.7.1-0.2.1
openSUSE 11.4
  • MozillaFirefox >= 10.0.1-0.2.1
  • MozillaFirefox-branding-upstream >= 10.0.1-0.2.1
  • MozillaFirefox-buildsymbols >= 10.0.1-0.2.1
  • MozillaFirefox-devel >= 10.0.1-0.2.1
  • MozillaFirefox-translations-common >= 10.0.1-0.2.1
  • MozillaFirefox-translations-other >= 10.0.1-0.2.1
openSUSE 11.4
  • MozillaFirefox >= 10.0.1-0.2.1
  • MozillaFirefox-branding-openSUSE >= 5.0-2.5.1
  • MozillaFirefox-branding-upstream >= 10.0.1-0.2.1
  • MozillaFirefox-buildsymbols >= 10.0.1-0.2.1
  • MozillaFirefox-debuginfo >= 10.0.1-0.2.1
  • MozillaFirefox-debugsource >= 10.0.1-0.2.1
  • MozillaFirefox-devel >= 10.0.1-0.2.1
  • MozillaFirefox-translations-common >= 10.0.1-0.2.1
  • MozillaFirefox-translations-other >= 10.0.1-0.2.1
  • MozillaThunderbird >= 3.1.16-0.19.2
  • MozillaThunderbird-buildsymbols >= 3.1.16-0.19.2
  • MozillaThunderbird-debuginfo >= 3.1.16-0.19.2
  • MozillaThunderbird-debugsource >= 3.1.16-0.19.2
  • MozillaThunderbird-devel >= 3.1.16-0.19.2
  • MozillaThunderbird-devel-debuginfo >= 3.1.16-0.19.2
  • MozillaThunderbird-translations-common >= 3.1.16-0.19.2
  • MozillaThunderbird-translations-other >= 3.1.16-0.19.2
  • enigmail >= 1.1.2+3.1.16-0.19.2
  • enigmail-debuginfo >= 1.1.2+3.1.16-0.19.2
  • mozilla-js192 >= 1.9.2.25-0.2.1
  • mozilla-js192-32bit >= 1.9.2.25-0.2.1
  • mozilla-js192-debuginfo >= 1.9.2.25-0.2.1
  • mozilla-js192-debuginfo-32bit >= 1.9.2.25-0.2.1
  • mozilla-js20 >= 2.0.1-0.2.2
  • mozilla-js20-32bit >= 2.0.1-0.2.2
  • mozilla-js20-debuginfo >= 2.0.1-0.2.2
  • mozilla-js20-debuginfo-32bit >= 2.0.1-0.2.2
  • mozilla-xulrunner192 >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-32bit >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-buildsymbols >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-debuginfo >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-debuginfo-32bit >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-debugsource >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-devel >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-devel-debuginfo >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-gnome >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-gnome-32bit >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-gnome-debuginfo >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-gnome-debuginfo-32bit >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-translations-common >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-translations-common-32bit >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-translations-other >= 1.9.2.25-0.2.1
  • mozilla-xulrunner192-translations-other-32bit >= 1.9.2.25-0.2.1
  • mozilla-xulrunner20 >= 2.0.1-0.2.2
  • mozilla-xulrunner20-32bit >= 2.0.1-0.2.2
  • mozilla-xulrunner20-buildsymbols >= 2.0.1-0.2.2
  • mozilla-xulrunner20-debuginfo >= 2.0.1-0.2.2
  • mozilla-xulrunner20-debuginfo-32bit >= 2.0.1-0.2.2
  • mozilla-xulrunner20-debugsource >= 2.0.1-0.2.2
  • mozilla-xulrunner20-devel >= 2.0.1-0.2.2
  • mozilla-xulrunner20-devel-debuginfo >= 2.0.1-0.2.2
  • mozilla-xulrunner20-gnome >= 2.0.1-0.2.2
  • mozilla-xulrunner20-gnome-32bit >= 2.0.1-0.2.2
  • mozilla-xulrunner20-gnome-debuginfo >= 2.0.1-0.2.2
  • mozilla-xulrunner20-gnome-debuginfo-32bit >= 2.0.1-0.2.2
  • mozilla-xulrunner20-translations-common >= 2.0.1-0.2.2
  • mozilla-xulrunner20-translations-common-32bit >= 2.0.1-0.2.2
  • mozilla-xulrunner20-translations-other >= 2.0.1-0.2.2
  • mozilla-xulrunner20-translations-other-32bit >= 2.0.1-0.2.2
  • seamonkey >= 2.7.1-0.2.1
  • seamonkey-debuginfo >= 2.7.1-0.2.1
  • seamonkey-debugsource >= 2.7.1-0.2.1
  • seamonkey-dom-inspector >= 2.7.1-0.2.1
  • seamonkey-irc >= 2.7.1-0.2.1
  • seamonkey-translations-common >= 2.7.1-0.2.1
  • seamonkey-translations-other >= 2.7.1-0.2.1
  • seamonkey-venkman >= 2.7.1-0.2.1
Patchnames:
MozillaFirefox
openSUSE-2012-254
seamonkey
openSUSE Evergreen 11.4
  • MozillaFirefox >= 24.8.0-127.1
  • MozillaFirefox-branding-upstream >= 24.8.0-127.1
  • MozillaFirefox-buildsymbols >= 24.8.0-127.1
  • MozillaFirefox-debuginfo >= 24.8.0-127.1
  • MozillaFirefox-debugsource >= 24.8.0-127.1
  • MozillaFirefox-devel >= 24.8.0-127.1
  • MozillaFirefox-translations-common >= 24.8.0-127.1
  • MozillaFirefox-translations-other >= 24.8.0-127.1
  • libfreebl3 >= 3.16.4-94.1
  • libfreebl3-32bit >= 3.16.4-94.1
  • libfreebl3-debuginfo >= 3.16.4-94.1
  • libfreebl3-debuginfo-32bit >= 3.16.4-94.1
  • libfreebl3-debuginfo-x86 >= 3.16.4-94.1
  • libfreebl3-x86 >= 3.16.4-94.1
  • libsoftokn3 >= 3.16.4-94.1
  • libsoftokn3-32bit >= 3.16.4-94.1
  • libsoftokn3-debuginfo >= 3.16.4-94.1
  • libsoftokn3-debuginfo-32bit >= 3.16.4-94.1
  • libsoftokn3-debuginfo-x86 >= 3.16.4-94.1
  • libsoftokn3-x86 >= 3.16.4-94.1
  • mozilla-nss >= 3.16.4-94.1
  • mozilla-nss-32bit >= 3.16.4-94.1
  • mozilla-nss-certs >= 3.16.4-94.1
  • mozilla-nss-certs-32bit >= 3.16.4-94.1
  • mozilla-nss-certs-debuginfo >= 3.16.4-94.1
  • mozilla-nss-certs-debuginfo-32bit >= 3.16.4-94.1
  • mozilla-nss-certs-debuginfo-x86 >= 3.16.4-94.1
  • mozilla-nss-certs-x86 >= 3.16.4-94.1
  • mozilla-nss-debuginfo >= 3.16.4-94.1
  • mozilla-nss-debuginfo-32bit >= 3.16.4-94.1
  • mozilla-nss-debuginfo-x86 >= 3.16.4-94.1
  • mozilla-nss-debugsource >= 3.16.4-94.1
  • mozilla-nss-devel >= 3.16.4-94.1
  • mozilla-nss-sysinit >= 3.16.4-94.1
  • mozilla-nss-sysinit-32bit >= 3.16.4-94.1
  • mozilla-nss-sysinit-debuginfo >= 3.16.4-94.1
  • mozilla-nss-sysinit-debuginfo-32bit >= 3.16.4-94.1
  • mozilla-nss-sysinit-debuginfo-x86 >= 3.16.4-94.1
  • mozilla-nss-sysinit-x86 >= 3.16.4-94.1
  • mozilla-nss-tools >= 3.16.4-94.1
  • mozilla-nss-tools-debuginfo >= 3.16.4-94.1
  • mozilla-nss-x86 >= 3.16.4-94.1
Patchnames:
2014-82