Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0459

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-0459
Last Modified 18 Dec 2012 11:48:33
Published 14 Mar 2012 03:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0459

Summary

The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe.

Vulnerable Systems

Application

  • Mozilla Firefox 4.0

  • Mozilla Firefox 4.0.1

  • Mozilla Firefox 5.0

  • Mozilla Firefox 5.0.1

  • Mozilla Firefox 6.0

  • Mozilla Firefox 6.0.1

  • Mozilla Firefox 6.0.2

  • Mozilla Firefox 7.0

  • Mozilla Firefox 7.0.1

  • Mozilla Firefox 8.0

  • Mozilla Firefox 8.0.1

  • Mozilla Firefox 9.0

  • Mozilla Firefox 9.0.1

  • Mozilla Firefox Esr 10.0

  • Mozilla Firefox Esr 10.1

  • Mozilla Firefox Esr 10.2

  • Mozilla Seamonkey 1.0

  • Mozilla Seamonkey 1.0.1

  • Mozilla Seamonkey 1.0.2

  • Mozilla Seamonkey 1.0.3

  • Mozilla Seamonkey 1.0.4

  • Mozilla Seamonkey 1.0.5

  • Mozilla Seamonkey 1.0.6

  • Mozilla Seamonkey 1.0.7

  • Mozilla Seamonkey 1.0.8

  • Mozilla Seamonkey 1.0.9

  • Mozilla Seamonkey 1.1

  • Mozilla Seamonkey 1.1.1

  • Mozilla Seamonkey 1.1.10

  • Mozilla Seamonkey 1.1.11

  • Mozilla Seamonkey 1.1.12

  • Mozilla Seamonkey 1.1.13

  • Mozilla Seamonkey 1.1.14

  • Mozilla Seamonkey 1.1.15

  • Mozilla Seamonkey 1.1.16

  • Mozilla Seamonkey 1.1.17

  • Mozilla Seamonkey 1.1.18

  • Mozilla Seamonkey 1.1.19

  • Mozilla Seamonkey 1.1.2

  • Mozilla Seamonkey 1.1.3

  • Mozilla Seamonkey 1.1.4

  • Mozilla Seamonkey 1.1.5

  • Mozilla Seamonkey 1.1.6

  • Mozilla Seamonkey 1.1.7

  • Mozilla Seamonkey 1.1.8

  • Mozilla Seamonkey 1.1.9

  • Mozilla Seamonkey 1.5.0.10

  • Mozilla Seamonkey 1.5.0.8

  • Mozilla Seamonkey 1.5.0.9

  • Mozilla Seamonkey 2.0

  • Mozilla Seamonkey 2.0.1

  • Mozilla Seamonkey 2.0.10

  • Mozilla Seamonkey 2.0.11

  • Mozilla Seamonkey 2.0.12

  • Mozilla Seamonkey 2.0.13

  • Mozilla Seamonkey 2.0.14

  • Mozilla Seamonkey 2.0.2

  • Mozilla Seamonkey 2.0.3

  • Mozilla Seamonkey 2.0.4

  • Mozilla Seamonkey 2.0.5

  • Mozilla Seamonkey 2.0.6

  • Mozilla Seamonkey 2.0.7

  • Mozilla Seamonkey 2.0.8

  • Mozilla Seamonkey 2.0.9

  • Mozilla Seamonkey 2.1

  • Mozilla Seamonkey 2.2

  • Mozilla Seamonkey 2.3

  • Mozilla Seamonkey 2.3.1

  • Mozilla Seamonkey 2.3.2

  • Mozilla Seamonkey 2.3.3

  • Mozilla Seamonkey 2.4

  • Mozilla Seamonkey 2.4.1

  • Mozilla Seamonkey 2.5

  • Mozilla Seamonkey 2.6

  • Mozilla Seamonkey 2.6.1

  • Mozilla Seamonkey 2.7

  • Mozilla Thunderbird 5.0

  • Mozilla Thunderbird 6.0

  • Mozilla Thunderbird 6.0.1

  • Mozilla Thunderbird 6.0.2

  • Mozilla Thunderbird 7.0

  • Mozilla Thunderbird 7.0.1

  • Mozilla Thunderbird 8.0

  • Mozilla Thunderbird 9.0

  • Mozilla Thunderbird 9.0.1

  • Mozilla Thunderbird Esr 10.0

  • Mozilla Thunderbird Esr 10.0.1

  • Mozilla Thunderbird Esr 10.0.2


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=723446

CONFIRM - http://www.mozilla.org/security/announce/2012/mfsa2012-17.html

UBUNTU - USN-1400-3

SECUNIA - 48629

SECUNIA - 48513

SUSE - openSUSE-SU-2012:0417

UBUNTU - USN-1400-5

UBUNTU - USN-1400-4

UBUNTU - USN-1400-2

SECUNIA - 48553

SECUNIA - 48496

SECUNIA - 48561

SECUNIA - 49055

Related Patches

Red Hat 2012:0387-01 RHSA Critical: firefox security and bug fix update for RHEL 5 x86

Red Hat 2012:0387-01 RHSA Critical: firefox security and bug fix update for RHEL 5 x86_64

Red Hat 2012:0388-01 RHSA Critical: thunderbird security update for RHEL 5 x86

Red Hat 2012:0388-01 RHSA Critical: thunderbird security update for RHEL 5 x86_64

Novell SUSE 2012:6007 MozillaFirefox security update for SLE 11 SP1 i586

Novell SUSE 2012:6007 MozillaFirefox security update for SLE 11 SP1 x86_64

Mozilla Firefox ESR 10.0.3 for Mac OS X (Update) (See Note) (Rev 2)

Mozilla Firefox (English) 11.0 for Windows (Update) (See Notes) (Rev 2)

Mozilla Firefox 11.0 for Mac OS X (Update) (See Note) (Rev 2)

Mozilla Firefox ESR (English) 10.0.3 for Windows (Update) (See Notes)


Last Updated: 27 May 2016 10:58:23