CVE-2012-4202
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD
Description
Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.
Affected (26)
Products: Mozilla: Firefox, Seamonkey, Thunderbird, Thunderbird Esr · Opensuse: Opensuse · Suse: Linux Enterprise Desktop, Linux Enterprise Server, Linux Enterprise Software Development Kit · +2 more
Show all products
Mozilla: Firefox, Seamonkey, Thunderbird, Thunderbird Esr · Opensuse: Opensuse · Suse: Linux Enterprise Desktop, Linux Enterprise Server, Linux Enterprise Software Development Kit · Canonical: Ubuntu Linux · Redhat: Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server, Enterprise Linux Workstation
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.11 | |
| Before 2.14 | |
| Before 17.0 | |
| Before 10.0.11 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.4 | |
| Version 10 sp4 | |
| Version 10 sp4 | |
| Version 10 sp4 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.04 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 5.0 | |
| Version 6.3 | |
| Version 5.0 | |
| Version 5.0 |
References (50)
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Issue TrackingPatchVendor Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Timeline
No history available yet.