CVE-2012-5830

high-risk
Published 2012-11-21

Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.

Do I need to act?

-
0.86% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (20)

Affected Vendors

Suse Opensuse Canonical Redhat Mozilla

References (46)

Mailing List http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html
Mailing List http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html
Mailing List http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html
Mailing List http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html
Broken Link http://osvdb.org/87598
Third Party Advisory http://rhn.redhat.com/errata/RHSA-2012-1482.html
Third Party Advisory http://rhn.redhat.com/errata/RHSA-2012-1483.html
Broken Link http://secunia.com/advisories/51359
Broken Link http://secunia.com/advisories/51360
Broken Link http://secunia.com/advisories/51369
Broken Link http://secunia.com/advisories/51370
Broken Link http://secunia.com/advisories/51381
Broken Link http://secunia.com/advisories/51434
Broken Link http://secunia.com/advisories/51439
Broken Link http://secunia.com/advisories/51440
Vendor Advisory http://www.mozilla.org/security/announce/2012/mfsa2012-106.html
Third Party Advisory http://www.ubuntu.com/usn/USN-1636-1
Third Party Advisory http://www.ubuntu.com/usn/USN-1638-1
Third Party Advisory http://www.ubuntu.com/usn/USN-1638-2
and 26 more references
54
/ 100
high-risk
Severity 30/34 · Critical
Exploitability 3/34 · Minimal
Exposure 21/34 · High