Home > Vulnerability Database > CVE-2012-1973

Mend.io Vulnerability Database

CVE-2012-1973

Date: August 29, 2012

Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

Severity Score

5.6

Related Resources (19)

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=773207

Url: http://www.debian.org/security/2012/dsa-2556

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17045

Url: http://www.mozilla.org/security/announce/2012/mfsa2012-58.html

Url: http://www.debian.org/security/2012/dsa-2554

Url: http://www.debian.org/security/2012/dsa-2553

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2012-1973

Url: https://nvd.nist.gov/vuln/detail/CVE-2012-1973

Url: http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

Url: http://rhn.redhat.com/errata/RHSA-2012-1210.html

Url: http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html

Url: http://www.ubuntu.com/usn/USN-1548-2

Url: http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html

Url: http://www.securityfocus.com/bid/55316

Url: http://www.ubuntu.com/usn/USN-1548-1

Url: https://access.redhat.com/security/cve/CVE-2012-1973

Url: http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html

Url: http://rhn.redhat.com/errata/RHSA-2012-1211.html

Url: https://www.mend.io/vulnerability-database/CVE-2012-1973

Severity Score

5.6

Weakness Type (CWE)

Use After Free

CWE-416

CVSS v3.1

Base Score:	5.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	6.8
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2012-1973

Date: August 29, 2012

Severity Score

Related Resources (19)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?