Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
References
Link Providers
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html cve-icon cve-icon
http://osvdb.org/87609 cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2012-1482.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2012-1483.html cve-icon cve-icon
http://secunia.com/advisories/51359 cve-icon cve-icon
http://secunia.com/advisories/51360 cve-icon cve-icon
http://secunia.com/advisories/51369 cve-icon cve-icon
http://secunia.com/advisories/51370 cve-icon cve-icon
http://secunia.com/advisories/51381 cve-icon cve-icon
http://secunia.com/advisories/51434 cve-icon cve-icon
http://secunia.com/advisories/51439 cve-icon cve-icon
http://secunia.com/advisories/51440 cve-icon cve-icon
http://www.debian.org/security/2012/dsa-2583 cve-icon cve-icon
http://www.debian.org/security/2012/dsa-2584 cve-icon cve-icon
http://www.debian.org/security/2012/dsa-2588 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2012:173 cve-icon cve-icon
http://www.mozilla.org/security/announce/2012/mfsa2012-105.html cve-icon cve-icon cve-icon
http://www.securityfocus.com/bid/56634 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-1636-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-1638-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-1638-2 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-1638-3 cve-icon cve-icon
https://bugzilla.mozilla.org/show_bug.cgi?id=798853 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/80189 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2012-4216 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16902 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2012-4216 cve-icon
History

Mon, 21 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
Vendors & Products Mozilla firefox Esr

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-11-21T11:00:00

Updated: 2024-08-06T20:28:07.584Z

Reserved: 2012-08-08T00:00:00

Link: CVE-2012-4216

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-11-21T12:55:02.447

Modified: 2024-11-21T01:42:27.643

Link: CVE-2012-4216

cve-icon Redhat

Severity : Critical

Publid Date: 2012-11-20T00:00:00Z

Links: CVE-2012-4216 - Bugzilla