CVE-2012-3971
Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions.
Published at
2012-08-29T10:56Z
4267 days ago
Modified
2017-09-19T01:35Z
2420 days ago
CWE-119
Problem type
References
| URL | Type |
|---|---|
| bugzilla.mozilla.org https://bugzilla.mozilla.org/show_bug.cgi?id=753230 | CONFIRM |
| bugzilla.mozilla.org https://bugzilla.mozilla.org/show_bug.cgi?id=753623 | CONFIRM |
| www.mozilla.org http://www.mozilla.org/security/announce/2012/mfsa2012-64.html | CONFIRM |
| USN-1548-2 http://www.ubuntu.com/usn/USN-1548-2 | UBUNTU |
| USN-1548-1 http://www.ubuntu.com/usn/USN-1548-1 | UBUNTU |
| SUSE-SU-2012:1167 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html | SUSE |
| openSUSE-SU-2012:1065 http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html | SUSE |
| SUSE-SU-2012:1157 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html | SUSE |
| 55304 http://www.securityfocus.com/bid/55304 | BID |
| oval:org.mitre.oval:def:16062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16062 | OVAL |
GET https://vulnerabilitydata.com/api/details/CVE-2012-3971
{
"id": "CVE-2012-3971",
"published_date": "2012-08-29T10:56Z",
"last_modified_date": "2017-09-19T01:35Z",
"assigner": "cve@mitre.org",
"description": "Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions.",
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=753230",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=753230",
"refsource": "CONFIRM",
"tags": []
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=753623",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=753623",
"refsource": "CONFIRM",
"tags": []
},
{
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-64.html",
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-64.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-1548-2",
"name": "USN-1548-2",
"refsource": "UBUNTU",
"tags": []
},
{
"url": "http://www.ubuntu.com/usn/USN-1548-1",
"name": "USN-1548-1",
"refsource": "UBUNTU",
"tags": []
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html",
"name": "SUSE-SU-2012:1167",
"refsource": "SUSE",
"tags": []
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html",
"name": "openSUSE-SU-2012:1065",
"refsource": "SUSE",
"tags": []
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html",
"name": "SUSE-SU-2012:1157",
"refsource": "SUSE",
"tags": []
},
{
"url": "http://www.securityfocus.com/bid/55304",
"name": "55304",
"refsource": "BID",
"tags": []
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16062",
"name": "oval:org.mitre.oval:def:16062",
"refsource": "OVAL",
"tags": []
}
],
"impact": {
"baseMetricV2": {
"cvssV2": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 10
},
"severity": "HIGH",
"exploitabilityScore": 10,
"impactScore": 10,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
},
"problem_type": "CWE-119"
}