CVE-2012-3978 – Mozilla: Location object security checks bypassed by chrome code (MFSA 2012-70)
https://notcve.org/view.php?id=CVE-2012-3978
The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass intended content-loading restrictions or possibly have unspecified other impact via vectors involving chrome code. La función nsLocation::CheckURL en Mozilla Firefox anterior a v15.0, Firefox ESR v10.x anterior a v10.0.7, Thunderbird anterior a v15.0, Thunderbird ESR v10.x anterior a v10.0.7, y SeaMonkey anterior a v2.12 no sigue seguir correctamente el modelo de seguridad de ubicación de objeto, lo que permite a atacantes remotos evitar las restricciones de carga de contenido o posiblemente tener un impacto no especificado a través de vectores relacionados con el código de chrome. • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html http://rhn.redhat.com/errata/RHSA-2012-1210.html http://rhn.redhat.com/errata/RHSA-2012-1211.html http://www.debian.org/security/2012/dsa-2553 http://www.debian.org/security/2012/dsa-2554 http://www.debian.org/security/2012/dsa-2556 http://www.mozilla. • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-3971
https://notcve.org/view.php?id=CVE-2012-3971
Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions. Summer Institute of Linguistics (SIL) Graphite v2, cuando es usado en Mozilla Firefox anterior a v15.0, Thunderbird anterior a v15.0, y SeaMonkey anterior a v2.12, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores relacionados con las funciones (1) Silf::readClassMap and (2) Pass::readPass. • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html http://www.mozilla.org/security/announce/2012/mfsa2012-64.html http://www.securityfocus.com/bid/55304 http://www.ubuntu.com/usn/USN-1548-1 http://www.ubuntu.com/usn/USN-1548-2 https://bugzilla.mozilla.org/show_bug.cgi?id=753230 https://bugzilla.mozilla.org& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-3975
https://notcve.org/view.php?id=CVE-2012-3975
The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code. El componente DOMParser en Mozilla Firefox anterior a v15.0, Thunderbird anterior a v15.0, y SeaMonkey anterior a v2.12 carga subrecursos durante el análisis de los datos de texto / html dentro de una extensión, que permite a atacantes remotos obtener información sensible, proporcionando datos datos manipulados al código de una extensión privilegiada. • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html http://www.mozilla.org/security/announce/2012/mfsa2012-68.html http://www.securityfocus.com/bid/55311 http://www.ubuntu.com/usn/USN-1548-1 http://www.ubuntu.com/usn/USN-1548-2 https://bugzilla.mozilla.org/show_bug.cgi?id=770684 https://oval.cisecurity.org • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2012-3969 – Mozilla: SVG buffer overflow and use-after-free issues (MFSA 2012-63)
https://notcve.org/view.php?id=CVE-2012-3969
Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that triggers an incorrect sum calculation, leading to a heap-based buffer overflow. Desbordamiento de entero en la función nsSVGFEMorphologyElement::Filter en Mozilla Firefox anterior a v15.0, Firefox ESR v10.x anterior a v10.0.7, Thunderbird anterior a v15.0, Thunderbird ESR v10.x anterior a v10.0.7, y SeaMonkey anterior a v2.12 permite a atacantes remotos ejecutar código arbitrario a través de un filtro SVG manipulado que desencadena un cálculo de suma incorrecta, dando lugar a un desbordamiento de búfer basado en memoria dinámica. • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html http://rhn.redhat.com/errata/RHSA-2012-1210.html http://rhn.redhat.com/errata/RHSA-2012-1211.html http://www.debian.org/security/2012/dsa-2553 http://www.debian.org/security/2012/dsa-2554 http://www.debian.org/security/2012/dsa-2556 http://www.mozilla. • CWE-189: Numeric Errors CWE-416: Use After Free •
CVE-2012-3963 – Mozilla: Multiple Use-after-free issues (MFSA 2012-58)
https://notcve.org/view.php?id=CVE-2012-3963
Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad usar-después-liberar(use-after-free) en la función js::gc::MapAllocToTraceKind en Mozilla Firefox anterior a v15.0, Firefox ESR v10.x anterior a v10.0.7, Thunderbird anterior a v15.0, Thunderbird ESR v10.x anterior a v10.0.7, y SeaMonkey anterior a v2.12 permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html http://rhn.redhat.com/errata/RHSA-2012-1210.html http://rhn.redhat.com/errata/RHSA-2012-1211.html http://www.mozilla.org/security/announce/2012/mfsa2012-58.html http://www.securityfocus.com/bid/55340 http://www.ubuntu.com/usn/USN-1548-1 http://www.ubuntu • CWE-416: Use After Free •