Vulnerability Details : CVE-2012-5842
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2012-5842
Probability of exploitation activity in the next 30 days: 0.96%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 81 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-5842
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
[email protected] |
References for CVE-2012-5842
-
http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html
Mailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html
Mailing List;Third Party Advisory
-
http://www.securityfocus.com/bid/56611
Third Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html
Mailing List;Third Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=809674
Issue Tracking;Patch;Vendor Advisory
-
http://www.ubuntu.com/usn/USN-1638-3
Third Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=805957
Issue Tracking;Patch;Vendor Advisory
-
http://www.mozilla.org/security/announce/2012/mfsa2012-91.html
Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html
Mailing List;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-1638-1
Third Party Advisory
-
http://www.ubuntu.com/usn/USN-1638-2
Third Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16573
Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2012-1482.html
Third Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=736537
Issue Tracking;Vendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2012-1483.html
Third Party Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/80169
Third Party Advisory;VDB Entry
-
http://www.debian.org/security/2012/dsa-2583
Third Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=793848
Issue Tracking;Vendor Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=802168
Issue Tracking;Patch;Vendor Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2012:173
Third Party Advisory
-
http://www.ubuntu.com/usn/USN-1636-1
Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html
Mailing List;Third Party Advisory
-
http://www.debian.org/security/2012/dsa-2588
Third Party Advisory
-
http://www.debian.org/security/2012/dsa-2584
Third Party Advisory
Products affected by CVE-2012-5842
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*