CVE-2012-1951 Information

Description

Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0 Firefox ESR 10.x before 10.0.6 Thunderbird 5.0 through 13.0 Thunderbird ESR 10.x before 10.0.6 and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing.

Reference

http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html http://osvdb.org/83997 http://rhn.redhat.com/errata/RHSA-2012-1088.html http://secunia.com/advisories/49965 http://secunia.com/advisories/49968 http://secunia.com/advisories/49972 http://secunia.com/advisories/49977 http://secunia.com/advisories/49979 http://secunia.com/advisories/49992 http://secunia.com/advisories/49993 http://secunia.com/advisories/49994 http://www.mozilla.org/security/announce/2012/mfsa2012-44.html http://www.securityfocus.com/bid/54578 http://www.securitytracker.com/id?1027256 http://www.securitytracker.com/id?1027257 http://www.securitytracker.com/id?1027258 http://www.ubuntu.com/usn/USN-1509-1 http://www.ubuntu.com/usn/USN-1509-2 http://www.ubuntu.com/usn/USN-1510-1 https://bugzilla.mozilla.org/show_bug.cgi?id=752902 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A16077