Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4216

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-4216
Last Modified 02 Nov 2013 11:26:52
Published 21 Nov 2012 07:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4216

Summary

Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

Vulnerable Systems

Application

  • Mozilla Firefox 0.1

  • Mozilla Firefox 0.10

  • Mozilla Firefox 0.10.1

  • Mozilla Firefox 0.2

  • Mozilla Firefox 0.3

  • Mozilla Firefox 0.4

  • Mozilla Firefox 0.5

  • Mozilla Firefox 0.6

  • Mozilla Firefox 0.6.1

  • Mozilla Firefox 0.7

  • Mozilla Firefox 0.7.1

  • Mozilla Firefox 0.8

  • Mozilla Firefox 0.9

  • Mozilla Firefox 0.9.1

  • Mozilla Firefox 0.9.2

  • Mozilla Firefox 0.9.3

  • Mozilla Firefox 10.0

  • Mozilla Firefox 10.0.1

  • Mozilla Firefox 10.0.2

  • Mozilla Firefox 11.0

  • Mozilla Firefox 12.0

  • Mozilla Firefox 13.0

  • Mozilla Firefox 13.0.1

  • Mozilla Firefox 14.0

  • Mozilla Firefox 14.0.1

  • Mozilla Firefox 15.0

  • Mozilla Firefox 15.0.1

  • Mozilla Firefox 16.0

  • Mozilla Firefox 16.0.1

  • Mozilla Firefox 16.0.2

  • Mozilla Firefox 2.0

  • Mozilla Firefox 2.0.0.1

  • Mozilla Firefox 2.0.0.10

  • Mozilla Firefox 2.0.0.11

  • Mozilla Firefox 2.0.0.12

  • Mozilla Firefox 2.0.0.13

  • Mozilla Firefox 2.0.0.14

  • Mozilla Firefox 2.0.0.15

  • Mozilla Firefox 2.0.0.16

  • Mozilla Firefox 2.0.0.17

  • Mozilla Firefox 2.0.0.18

  • Mozilla Firefox 2.0.0.19

  • Mozilla Firefox 2.0.0.2

  • Mozilla Firefox 2.0.0.20

  • Mozilla Firefox 2.0.0.3

  • Mozilla Firefox 2.0.0.4

  • Mozilla Firefox 2.0.0.5

  • Mozilla Firefox 2.0.0.6

  • Mozilla Firefox 2.0.0.7

  • Mozilla Firefox 2.0.0.8

  • Mozilla Firefox 2.0.0.9

  • Mozilla Firefox 3.0

  • Mozilla Firefox 3.0.1

  • Mozilla Firefox 3.0.10

  • Mozilla Firefox 3.0.11

  • Mozilla Firefox 3.0.12

  • Mozilla Firefox 3.0.13

  • Mozilla Firefox 3.0.14

  • Mozilla Firefox 3.0.15

  • Mozilla Firefox 3.0.16

  • Mozilla Firefox 3.0.17

  • Mozilla Firefox 3.0.2

  • Mozilla Firefox 3.0.3

  • Mozilla Firefox 3.0.4

  • Mozilla Firefox 3.0.5

  • Mozilla Firefox 3.0.6

  • Mozilla Firefox 3.0.7

  • Mozilla Firefox 3.0.8

  • Mozilla Firefox 3.0.9

  • Mozilla Firefox 3.5

  • Mozilla Firefox 3.5.1

  • Mozilla Firefox 3.5.10

  • Mozilla Firefox 3.5.11

  • Mozilla Firefox 3.5.12

  • Mozilla Firefox 3.5.13

  • Mozilla Firefox 3.5.14

  • Mozilla Firefox 3.5.15

  • Mozilla Firefox 3.5.2

  • Mozilla Firefox 3.5.3

  • Mozilla Firefox 3.5.4

  • Mozilla Firefox 3.5.5

  • Mozilla Firefox 3.5.6

  • Mozilla Firefox 3.5.7

  • Mozilla Firefox 3.5.8

  • Mozilla Firefox 3.5.9

  • Mozilla Firefox 3.6

  • Mozilla Firefox 3.6.10

  • Mozilla Firefox 3.6.11

  • Mozilla Firefox 3.6.12

  • Mozilla Firefox 3.6.13

  • Mozilla Firefox 3.6.14

  • Mozilla Firefox 3.6.15

  • Mozilla Firefox 3.6.16

  • Mozilla Firefox 3.6.17

  • Mozilla Firefox 3.6.18

  • Mozilla Firefox 3.6.19

  • Mozilla Firefox 3.6.2

  • Mozilla Firefox 3.6.20

  • Mozilla Firefox 3.6.21

  • Mozilla Firefox 3.6.22

  • Mozilla Firefox 3.6.23

  • Mozilla Firefox 3.6.24

  • Mozilla Firefox 3.6.25

  • Mozilla Firefox 3.6.3

  • Mozilla Firefox 3.6.4

  • Mozilla Firefox 3.6.6

  • Mozilla Firefox 3.6.7

  • Mozilla Firefox 3.6.8

  • Mozilla Firefox 3.6.9

  • Mozilla Firefox 4.0

  • Mozilla Firefox 4.0.1

  • Mozilla Firefox 5.0

  • Mozilla Firefox 5.0.1

  • Mozilla Firefox 6.0

  • Mozilla Firefox 6.0.1

  • Mozilla Firefox 6.0.2

  • Mozilla Firefox 7.0

  • Mozilla Firefox 7.0.1

  • Mozilla Firefox 8.0

  • Mozilla Firefox 8.0.1

  • Mozilla Firefox 9.0

  • Mozilla Firefox 9.0.1

  • Mozilla Firefox Esr 10.0

  • Mozilla Firefox Esr 10.0.1

  • Mozilla Firefox Esr 10.0.10

  • Mozilla Firefox Esr 10.0.2

  • Mozilla Firefox Esr 10.0.3

  • Mozilla Firefox Esr 10.0.4

  • Mozilla Firefox Esr 10.0.5

  • Mozilla Firefox Esr 10.0.6

  • Mozilla Firefox Esr 10.0.7

  • Mozilla Firefox Esr 10.0.8

  • Mozilla Firefox Esr 10.0.9

  • Mozilla Seamonkey 2.0

  • Mozilla Seamonkey 2.0.1

  • Mozilla Seamonkey 2.0.10

  • Mozilla Seamonkey 2.0.11

  • Mozilla Seamonkey 2.0.12

  • Mozilla Seamonkey 2.0.13

  • Mozilla Seamonkey 2.0.14

  • Mozilla Seamonkey 2.0.2

  • Mozilla Seamonkey 2.0.3

  • Mozilla Seamonkey 2.0.4

  • Mozilla Seamonkey 2.0.5

  • Mozilla Seamonkey 2.0.6

  • Mozilla Seamonkey 2.0.7

  • Mozilla Seamonkey 2.0.8

  • Mozilla Seamonkey 2.0.9

  • Mozilla Seamonkey 2.1

  • Mozilla Seamonkey 2.10

  • Mozilla Seamonkey 2.10.1

  • Mozilla Seamonkey 2.11

  • Mozilla Seamonkey 2.12

  • Mozilla Seamonkey 2.12.1

  • Mozilla Seamonkey 2.13

  • Mozilla Seamonkey 2.13.1

  • Mozilla Seamonkey 2.13.2

  • Mozilla Seamonkey 2.14

  • Mozilla Seamonkey 2.2

  • Mozilla Seamonkey 2.3

  • Mozilla Seamonkey 2.3.1

  • Mozilla Seamonkey 2.3.2

  • Mozilla Seamonkey 2.3.3

  • Mozilla Seamonkey 2.4

  • Mozilla Seamonkey 2.4.1

  • Mozilla Seamonkey 2.5

  • Mozilla Seamonkey 2.6

  • Mozilla Seamonkey 2.6.1

  • Mozilla Seamonkey 2.7

  • Mozilla Seamonkey 2.7.1

  • Mozilla Seamonkey 2.7.2

  • Mozilla Seamonkey 2.8

  • Mozilla Seamonkey 2.9

  • Mozilla Seamonkey 2.9.1

  • Mozilla Thunderbird 0.1

  • Mozilla Thunderbird 0.2

  • Mozilla Thunderbird 0.3

  • Mozilla Thunderbird 0.4

  • Mozilla Thunderbird 0.5

  • Mozilla Thunderbird 0.6

  • Mozilla Thunderbird 0.7

  • Mozilla Thunderbird 0.7.1

  • Mozilla Thunderbird 0.7.2

  • Mozilla Thunderbird 0.7.3

  • Mozilla Thunderbird 0.8

  • Mozilla Thunderbird 0.9

  • Mozilla Thunderbird 1.0

  • Mozilla Thunderbird 1.0.1

  • Mozilla Thunderbird 1.0.2

  • Mozilla Thunderbird 1.0.3

  • Mozilla Thunderbird 1.0.4

  • Mozilla Thunderbird 1.0.5

  • Mozilla Thunderbird 1.0.6

  • Mozilla Thunderbird 1.0.7

  • Mozilla Thunderbird 1.0.8

  • Mozilla Thunderbird 1.5

  • Mozilla Thunderbird 1.5.0.1

  • Mozilla Thunderbird 1.5.0.10

  • Mozilla Thunderbird 1.5.0.11

  • Mozilla Thunderbird 1.5.0.12

  • Mozilla Thunderbird 1.5.0.13

  • Mozilla Thunderbird 1.5.0.14

  • Mozilla Thunderbird 1.5.0.2

  • Mozilla Thunderbird 1.5.0.3

  • Mozilla Thunderbird 1.5.0.4

  • Mozilla Thunderbird 1.5.0.5

  • Mozilla Thunderbird 1.5.0.6

  • Mozilla Thunderbird 1.5.0.7

  • Mozilla Thunderbird 1.5.0.8

  • Mozilla Thunderbird 1.5.0.9

  • Mozilla Thunderbird 1.5.1

  • Mozilla Thunderbird 1.5.2

  • Mozilla Thunderbird 1.7.1

  • Mozilla Thunderbird 1.7.3

  • Mozilla Thunderbird 10.0

  • Mozilla Thunderbird 10.0.1

  • Mozilla Thunderbird 10.0.2

  • Mozilla Thunderbird 10.0.3

  • Mozilla Thunderbird 10.0.4

  • Mozilla Thunderbird 11.0

  • Mozilla Thunderbird 11.0.1

  • Mozilla Thunderbird 12.0

  • Mozilla Thunderbird 12.0.1

  • Mozilla Thunderbird 13.0

  • Mozilla Thunderbird 13.0.1

  • Mozilla Thunderbird 14.0

  • Mozilla Thunderbird 15.0

  • Mozilla Thunderbird 15.0.1

  • Mozilla Thunderbird 16.0.1

  • Mozilla Thunderbird 2.0

  • Mozilla Thunderbird 2.0.0.0

  • Mozilla Thunderbird 2.0.0.1

  • Mozilla Thunderbird 2.0.0.11

  • Mozilla Thunderbird 2.0.0.12

  • Mozilla Thunderbird 2.0.0.13

  • Mozilla Thunderbird 2.0.0.14

  • Mozilla Thunderbird 2.0.0.15

  • Mozilla Thunderbird 2.0.0.16

  • Mozilla Thunderbird 2.0.0.17

  • Mozilla Thunderbird 2.0.0.18

  • Mozilla Thunderbird 2.0.0.19

  • Mozilla Thunderbird 2.0.0.2

  • Mozilla Thunderbird 2.0.0.20

  • Mozilla Thunderbird 2.0.0.21

  • Mozilla Thunderbird 2.0.0.22

  • Mozilla Thunderbird 2.0.0.23

  • Mozilla Thunderbird 2.0.0.3

  • Mozilla Thunderbird 2.0.0.4

  • Mozilla Thunderbird 2.0.0.5

  • Mozilla Thunderbird 2.0.0.6

  • Mozilla Thunderbird 2.0.0.7

  • Mozilla Thunderbird 2.0.0.8

  • Mozilla Thunderbird 2.0.0.9

  • Mozilla Thunderbird 3.0

  • Mozilla Thunderbird 3.0.1

  • Mozilla Thunderbird 3.0.10

  • Mozilla Thunderbird 3.0.11

  • Mozilla Thunderbird 3.0.2

  • Mozilla Thunderbird 3.0.3

  • Mozilla Thunderbird 3.0.4

  • Mozilla Thunderbird 3.0.5

  • Mozilla Thunderbird 3.0.6

  • Mozilla Thunderbird 3.0.7

  • Mozilla Thunderbird 3.0.8

  • Mozilla Thunderbird 3.0.9

  • Mozilla Thunderbird 3.1

  • Mozilla Thunderbird 3.1.1

  • Mozilla Thunderbird 3.1.10

  • Mozilla Thunderbird 3.1.11

  • Mozilla Thunderbird 3.1.12

  • Mozilla Thunderbird 3.1.13

  • Mozilla Thunderbird 3.1.14

  • Mozilla Thunderbird 3.1.15

  • Mozilla Thunderbird 3.1.16

  • Mozilla Thunderbird 3.1.17

  • Mozilla Thunderbird 3.1.2

  • Mozilla Thunderbird 3.1.3

  • Mozilla Thunderbird 3.1.4

  • Mozilla Thunderbird 3.1.5

  • Mozilla Thunderbird 3.1.6

  • Mozilla Thunderbird 3.1.7

  • Mozilla Thunderbird 3.1.8

  • Mozilla Thunderbird 3.1.9

  • Mozilla Thunderbird 5.0

  • Mozilla Thunderbird 6.0

  • Mozilla Thunderbird 6.0.1

  • Mozilla Thunderbird 6.0.2

  • Mozilla Thunderbird 7.0

  • Mozilla Thunderbird 7.0.1

  • Mozilla Thunderbird 8.0

  • Mozilla Thunderbird 9.0

  • Mozilla Thunderbird 9.0.1

  • Mozilla Thunderbird Esr 10.0

  • Mozilla Thunderbird Esr 10.0.1

  • Mozilla Thunderbird Esr 10.0.10

  • Mozilla Thunderbird Esr 10.0.2

  • Mozilla Thunderbird Esr 10.0.3

  • Mozilla Thunderbird Esr 10.0.4

  • Mozilla Thunderbird Esr 10.0.5

  • Mozilla Thunderbird Esr 10.0.6

  • Mozilla Thunderbird Esr 10.0.7

  • Mozilla Thunderbird Esr 10.0.8

  • Mozilla Thunderbird Esr 10.0.9


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=798853

CONFIRM - http://www.mozilla.org/security/announce/2012/mfsa2012-105.html

UBUNTU - USN-1638-1

SUSE - openSUSE-SU-2012:1586

SUSE - openSUSE-SU-2012:1585

SUSE - openSUSE-SU-2012:1583

UBUNTU - USN-1638-3

UBUNTU - USN-1638-2

DEBIAN - DSA-2584

DEBIAN - DSA-2583

REDHAT - RHSA-2012:1483

REDHAT - RHSA-2012:1482

UBUNTU - USN-1636-1

SUSE - SUSE-SU-2012:1592

SUSE - openSUSE-SU-2013:0175

DEBIAN - DSA-2588

XF - firefox-getfontentry-code-exec(80189)

BID - 56634

SECUNIA - 51440

SECUNIA - 51439

SECUNIA - 51434

SECUNIA - 51381

SECUNIA - 51369

SECUNIA - 51360

SECUNIA - 51359

OSVDB - 87609

MANDRIVA - MDVSA-2012:173

SECUNIA - 51370

Related Patches

Red Hat 2012:1482-01 RHSA Critical: firefox security update for RHEL 5 x86

Red Hat 2012:1483-01 RHSA Critical: thunderbird security update for RHEL 5 x86

Novell SUSE 2012:7093 firefox-20121121 security update for SLE 11 SP2 i586

Novell SUSE 2012:7093 firefox-20121121 security update for SLE 11 SP2 x86_64

Novell SUSE 2012:8381 firefox-20121121 security update for SLE 10 SP4 i586

Novell SUSE 2012:8381 firefox-20121121 security update for SLE 10 SP4 x86_64

Mozilla Firefox ESR 10.0.11 for Mac OS X (Update) (See Note)

Mozilla Firefox (en-us) 17.0 for Windows (Update) (See Notes)

Mozilla Firefox 17.0 for Mac OS X (Update) (See Note) (Rev 2)

Mozilla Firefox ESR (en-us) 10.0.11 for Windows (Update) (See Notes)


Last Updated: 27 May 2016 11:01:44