CVE-2012-0444 Information

Feb 14, 2021 cve

Description

Mozilla Firefox before 3.6.26 and 4.x through 9.0 Thunderbird before 3.1.18 and 5.0 through 9.0 and SeaMonkey before 2.7 do not properly initialize nsChildView data structures which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.

Reference

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://secunia.com/advisories/48043 http://secunia.com/advisories/48095 http://www.debian.org/security/2012/dsa-2400 http://www.debian.org/security/2012/dsa-2402 http://www.debian.org/security/2012/dsa-2406 http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 http://www.mozilla.org/security/announce/2012/mfsa2012-07.html http://www.securityfocus.com/bid/51753 http://www.ubuntu.com/usn/USN-1370-1 https://bugzilla.mozilla.org/show_bug.cgi?id=719612 https://exchange.xforce.ibmcloud.com/vulnerabilities/72858 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14464

Share on: