CVE-2012-0444
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.
Published at
2012-02-01T16:55Z
4476 days ago
Modified
2020-08-28T13:12Z
1345 days ago
CWE-119
Problem type
References
GET https://vulnerabilitydata.com/api/details/CVE-2012-0444
{ "id": "CVE-2012-0444", "published_date": "2012-02-01T16:55Z", "last_modified_date": "2020-08-28T13:12Z", "assigner": "cve@mitre.org", "description": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.", "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612", "refsource": "CONFIRM", "tags": [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ] }, { "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html", "name": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.debian.org/security/2012/dsa-2400", "name": "DSA-2400", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ] }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html", "name": "openSUSE-SU-2012:0234", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html", "name": "SUSE-SU-2012:0221", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html", "name": "SUSE-SU-2012:0198", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:013", "name": "MDVSA-2012:013", "refsource": "MANDRIVA", "tags": [ "Third Party Advisory" ] }, { "url": "http://www.securityfocus.com/bid/51753", "name": "51753", "refsource": "BID", "tags": [ "Third Party Advisory", "VDB Entry" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72858", "name": "mozilla-nschildview-code-exec(72858)", "refsource": "XF", "tags": [ "Third Party Advisory", "VDB Entry" ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464", "name": "oval:org.mitre.oval:def:14464", "refsource": "OVAL", "tags": [ "Third Party Advisory" ] }, { "url": "http://www.debian.org/security/2012/dsa-2406", "name": "DSA-2406", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ] }, { "url": "http://www.debian.org/security/2012/dsa-2402", "name": "DSA-2402", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ] }, { "url": "http://secunia.com/advisories/48095", "name": "48095", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ] }, { "url": "http://secunia.com/advisories/48043", "name": "48043", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ] }, { "url": "http://www.ubuntu.com/usn/USN-1370-1", "name": "USN-1370-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ] } ], "impact": { "baseMetricV2": { "cvssV2": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 10 }, "severity": "HIGH", "exploitabilityScore": 10, "impactScore": 10, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } }, "problem_type": "CWE-119" }