CVE-2012-0452
Publication date 13 February 2012
Last updated 24 July 2024
Ubuntu priority
Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding.
Status
Package | Ubuntu Release | Status |
---|---|---|
firefox | ||
seamonkey | ||
thunderbird | ||
xulrunner-1.9.2 | ||
xulrunner-2.0 | ||
Notes
References
Related Ubuntu Security Notices (USN)
- USN-1360-1
- Firefox vulnerability
- 13 February 2012
- USN-1369-1
- Thunderbird vulnerabilities
- 17 February 2012