Vulnerabilities > CVE-2012-3983 - Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
mozilla
canonical
suse
CWE-119
critical
nessus

Summary

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Vulnerable Configurations

Part Description Count
Application
Mozilla
529
OS
Canonical
4
OS
Suse
5

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Nessus

  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_THUNDERBIRD_10_0_8.NASL
    descriptionThe installed version of Thunderbird 10.0.x is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-3983) - Some methods of a feature used for testing (DOMWindowUtils) are not properly protected and may be called through script by web pages. (CVE-2012-3986) - A potentially exploitable denial of service may be caused by a combination of invoking full-screen mode and navigating backwards in history. (CVE-2012-3988) - When the
    last seen2020-06-01
    modified2020-06-02
    plugin id62577
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62577
    titleMozilla Thunderbird 10.0.x < 10.0.8 Multiple Vulnerabilities (Mac OS X)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(62577);
      script_version("1.17");
      script_cvs_date("Date: 2019/12/04");
    
      script_cve_id(
        "CVE-2012-3982",
        "CVE-2012-3983",
        "CVE-2012-3986",
        "CVE-2012-3988",
        "CVE-2012-3990",
        "CVE-2012-3991",
        "CVE-2012-3992",
        "CVE-2012-3993",
        "CVE-2012-3994",
        "CVE-2012-3995",
        "CVE-2012-4179",
        "CVE-2012-4180",
        "CVE-2012-4181",
        "CVE-2012-4182",
        "CVE-2012-4183",
        "CVE-2012-4184",
        "CVE-2012-4185",
        "CVE-2012-4186",
        "CVE-2012-4187",
        "CVE-2012-4188"
      );
      script_bugtraq_id(
        55922,
        55924,
        55930,
        55931,
        56118,
        56119,
        56120,
        56121,
        56123,
        56125,
        56126,
        56127,
        56128,
        56129,
        56130,
        56131,
        56135,
        56136,
        56140,
        56145
      );
    
      script_name(english:"Mozilla Thunderbird 10.0.x < 10.0.8 Multiple Vulnerabilities (Mac OS X)");
      script_summary(english:"Checks version of Thunderbird");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Mac OS X host contains a mail client that is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The installed version of Thunderbird 10.0.x is affected by the
    following vulnerabilities :
    
      - Several memory safety bugs exist in the browser engine 
        used in Mozilla-based products that could be exploited 
        to execute arbitrary code. (CVE-2012-3983)
    
      - Some methods of a feature used for testing 
        (DOMWindowUtils) are not properly protected and may be 
        called through script by web pages. (CVE-2012-3986)
    
      - A potentially exploitable denial of service may be 
        caused by a combination of invoking full-screen mode and 
        navigating backwards in history. (CVE-2012-3988)
    
      - When the 'GetProperty' function is invoked through JSAP, 
        security checking can by bypassed when getting cross-
        origin properties, potentially allowing arbitrary code 
        execution. (CVE-2012-3991)
    
      - The 'location' property can be accessed by binary 
        plugins through 'top.location' and 'top' can be shadowed 
        by 'Object.defineProperty', potentially allowing cross-
        site scripting attacks through plugins. (CVE-2012-3994)
    
      - The Chrome Object Wrapper (COW) has flaws that could 
        allow access to privileged functions, allowing for cross-
        site scripting attacks or arbitrary code execution. 
        (CVE-2012-3993, CVE-2012-4184)
    
      - The 'location.hash' property is vulnerable to an attack 
        that could allow an attacker to inject script or 
        intercept post data. (CVE-2012-3992)
    
      - The 'Address Sanitizer' tool is affected by multiple, 
        potentially exploitable use-after-free flaws. 
        (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, 
        CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, 
        CVE-2012-4183)
    
      - The 'Address Sanitizer' tool is affected by multiple, 
        potentially exploitable heap memory corruption issues. 
        (CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, 
        CVE-2012-4188)");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-87/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-86/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-85/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-84/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-83/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-82/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-81/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-79/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-77/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-74/");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Mozilla Thunderbird 10.0.8 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-4188");
    
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/09");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/10/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/10/17");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:thunderbird");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("macosx_thunderbird_installed.nasl");
      script_require_keys("MacOSX/Thunderbird/Installed");
    
      exit(0);
    }
    
    include("mozilla_version.inc");
    kb_base = "MacOSX/Thunderbird";
    get_kb_item_or_exit(kb_base+"/Installed");
    
    version = get_kb_item_or_exit(kb_base+"/Version", exit_code:1);
    path = get_kb_item_or_exit(kb_base+"/Path", exit_code:1);
    
    mozilla_check_version(product:'thunderbird', version:version, path:path, fix:'10.0.8', min:'10.0', severity:SECURITY_HOLE, xss:TRUE);
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_FIREFOX_10_0_8.NASL
    descriptionThe installed version of Firefox is earlier than 10.0.8 and thus, is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-3983) - Some methods of a feature used for testing (DOMWindowUtils) are not properly protected and may be called through script by web pages. (CVE-2012-3986) - A potentially exploitable denial of service may be caused by a combination of invoking full-screen mode and navigating backwards in history. (CVE-2012-3988) - When the
    last seen2020-06-01
    modified2020-06-02
    plugin id62575
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62575
    titleFirefox < 10.0.8 Multiple Vulnerabilities (Mac OS X)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(62575);
      script_version("1.19");
      script_cvs_date("Date: 2019/12/04");
    
      script_cve_id(
        "CVE-2012-3982",
        "CVE-2012-3983",
        "CVE-2012-3986",
        "CVE-2012-3988",
        "CVE-2012-3990",
        "CVE-2012-3991",
        "CVE-2012-3992",
        "CVE-2012-3993",
        "CVE-2012-3994",
        "CVE-2012-3995",
        "CVE-2012-4179",
        "CVE-2012-4180",
        "CVE-2012-4181",
        "CVE-2012-4182",
        "CVE-2012-4183",
        "CVE-2012-4184",
        "CVE-2012-4185",
        "CVE-2012-4186",
        "CVE-2012-4187",
        "CVE-2012-4188"
      );
      script_bugtraq_id(
        55922,
        55924,
        55930,
        55931,
        56118,
        56119,
        56120,
        56121,
        56123,
        56125,
        56126,
        56127,
        56128,
        56129,
        56130,
        56131,
        56135,
        56136,
        56140,
        56145
      );
    
      script_name(english:"Firefox < 10.0.8 Multiple Vulnerabilities (Mac OS X)");
      script_summary(english:"Checks version of Firefox");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Mac OS X host contains a web browser that is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The installed version of Firefox is earlier than 10.0.8 and thus, is
    affected by the following vulnerabilities :
    
      - Several memory safety bugs exist in the browser engine 
        used in Mozilla-based products that could be exploited 
        to execute arbitrary code. (CVE-2012-3983)
    
      - Some methods of a feature used for testing 
        (DOMWindowUtils) are not properly protected and may be 
        called through script by web pages. (CVE-2012-3986)
    
      - A potentially exploitable denial of service may be 
        caused by a combination of invoking full-screen mode and 
        navigating backwards in history. (CVE-2012-3988)
    
      - When the 'GetProperty' function is invoked through JSAP, 
        security checking can be bypassed when getting cross-
        origin properties, potentially allowing arbitrary code 
        execution. (CVE-2012-3991)
    
      - The 'location' property can be accessed by binary 
        plugins through 'top.location' and 'top' can be shadowed 
        by 'Object.defineProperty', potentially allowing cross-
        site scripting attacks through plugins. (CVE-2012-3994)
    
      - The Chrome Object Wrapper (COW) has flaws that could 
        allow access to privileged functions, allowing for cross-
        site scripting attacks or arbitrary code execution. 
        (CVE-2012-3993, CVE-2012-4184)
    
      - The 'location.hash' property is vulnerable to an attack 
        that could allow an attacker to inject script or 
        intercept post data. (CVE-2012-3992)
    
      - The 'Address Sanitizer' tool is affected by multiple, 
        potentially exploitable use-after-free flaws. 
        (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, 
        CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, 
        CVE-2012-4183)
    
      - The 'Address Sanitizer' tool is affected by multiple, 
        potentially exploitable heap memory corruption issues. 
        (CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, 
        CVE-2012-4188)");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-87/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-86/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-85/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-84/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-83/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-82/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-81/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-79/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-77/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-74/");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Firefox 10.0.8 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-4188");
    
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/09");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/10/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/10/17");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("macosx_firefox_installed.nasl");
      script_require_keys("MacOSX/Firefox/Installed");
    
      exit(0);
    }
    
    include("mozilla_version.inc");
    kb_base = "MacOSX/Firefox";
    get_kb_item_or_exit(kb_base+"/Installed");
    
    version = get_kb_item_or_exit(kb_base+"/Version", exit_code:1);
    path = get_kb_item_or_exit(kb_base+"/Path", exit_code:1);
    
    if (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');
    
    mozilla_check_version(product:'firefox', version:version, path:path, esr:FALSE, fix:'10.0.8', severity:SECURITY_HOLE, xss:TRUE);
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2012-1351-1.NASL
    descriptionMozilla Firefox was updated to the 10.0.9ESR security release which fixes bugs and security issues : MFSA 2012-73 / CVE-2012-3977: Security researchers Thai Duong and Juliano Rizzo reported that SPDY
    last seen2020-06-05
    modified2015-05-20
    plugin id83562
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83562
    titleSUSE SLED10 / SLED11 / SLES10 / SLES11 Security Update : Mozilla Firefox (SUSE-SU-2012:1351-1)
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_160.NASL
    descriptionThe installed version of Firefox is earlier than 16.0 and thus, is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-3983) -
    last seen2020-06-01
    modified2020-06-02
    plugin id62580
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62580
    titleFirefox < 16.0 Multiple Vulnerabilities
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_FIREFOX_16_0.NASL
    descriptionThe installed version of Firefox is earlier than 16.0 and thus, is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-3983) -
    last seen2020-06-01
    modified2020-06-02
    plugin id62576
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62576
    titleFirefox < 16.0 Multiple Vulnerabilities (Mac OS X)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_6E5A9AFD12D311E2B47DC8600054B392.NASL
    descriptionThe Mozilla Project reports : MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8) MFSA 2012-75 select element persistance allows for attacks MFSA 2012-76 Continued access to initial origin after setting document.domain MFSA 2012-77 Some DOMWindowUtils methods bypass security checks MFSA 2012-78 Reader Mode pages have chrome privileges MFSA 2012-79 DOS and crash with full screen and history navigation MFSA 2012-80 Crash with invalid cast when using instanceof operator MFSA 2012-81 GetProperty function can bypass security checks MFSA 2012-82 top object and location property accessible by plugins MFSA 2012-83 Chrome Object Wrapper (COW) does not disallow access to privileged functions or properties MFSA 2012-84 Spoofing and script injection through location.hash MFSA 2012-85 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer MFSA 2012-86 Heap memory corruption issues found using Address Sanitizer MFSA 2012-87 Use-after-free in the IME State Manager MFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1) MFSA 2012-89 defaultValue security checks not applied
    last seen2020-06-01
    modified2020-06-02
    plugin id62490
    published2012-10-11
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62490
    titleFreeBSD : mozilla -- multiple vulnerabilities (6e5a9afd-12d3-11e2-b47d-c8600054b392)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2012-709.NASL
    descriptionThe Mozilla suite received following security updates (bnc#783533) : Mozilla Firefox was updated to 16.0.1. Mozilla SeaMonkey was updated to 2.13.1. Mozilla Thunderbird was updated to 16.0.1. Mozilla XULRunner was updated to 16.0.1. - MFSA 2012-88/CVE-2012-4191 (bmo#798045) Miscellaneous memory safety hazards - MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619) defaultValue security checks not applied - MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 Miscellaneous memory safety hazards - MFSA 2012-75/CVE-2012-3984 (bmo#575294) select element persistance allows for attacks - MFSA 2012-76/CVE-2012-3985 (bmo#655649) Continued access to initial origin after setting document.domain - MFSA 2012-77/CVE-2012-3986 (bmo#775868) Some DOMWindowUtils methods bypass security checks - MFSA 2012-79/CVE-2012-3988 (bmo#725770) DOS and crash with full screen and history navigation - MFSA 2012-80/CVE-2012-3989 (bmo#783867) Crash with invalid cast when using instanceof operator - MFSA 2012-81/CVE-2012-3991 (bmo#783260) GetProperty function can bypass security checks - MFSA 2012-82/CVE-2012-3994 (bmo#765527) top object and location property accessible by plugins - MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370) Chrome Object Wrapper (COW) does not disallow access to privileged functions or properties - MFSA 2012-84/CVE-2012-3992 (bmo#775009) Spoofing and script injection through location.hash - MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/ CVE-2012-4181/CVE-2012-4182/CVE-2012-4183 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer - MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/ CVE-2012-4188 Heap memory corruption issues found using Address Sanitizer - MFSA 2012-87/CVE-2012-3990 (bmo#787704)
    last seen2020-06-05
    modified2014-06-13
    plugin id74779
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74779
    titleopenSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:1345-1)
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_1008.NASL
    descriptionThe installed version of Firefox 10.0.x is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-3983) - Some methods of a feature used for testing (DOMWindowUtils) are not properly protected and may be called through script by web pages. (CVE-2012-3986) - A potentially exploitable denial of service may be caused by a combination of invoking full-screen mode and navigating backwards in history. (CVE-2012-3988) - When the
    last seen2020-06-01
    modified2020-06-02
    plugin id62579
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62579
    titleFirefox 10.0.x < 10.0.8 Multiple Vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1600-1.NASL
    descriptionHenrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Firefox. If a user were tricked into opening a specially crafted web page, a remote attacker could cause Firefox to crash or potentially execute arbitrary code as the user invoking the program. (CVE-2012-3982, CVE-2012-3983, CVE-2012-3988, CVE-2012-3989) David Bloom and Jordi Chancel discovered that Firefox did not always properly handle the <select> element. A remote attacker could exploit this to conduct URL spoofing and clickjacking attacks. (CVE-2012-3984) Collin Jackson discovered that Firefox did not properly follow the HTML5 specification for document.domain behavior. A remote attacker could exploit this to conduct cross-site scripting (XSS) attacks via JavaScript execution. (CVE-2012-3985) Johnny Stenback discovered that Firefox did not properly perform security checks on test methods for DOMWindowUtils. (CVE-2012-3986) Alice White discovered that the security checks for GetProperty could be bypassed when using JSAPI. If a user were tricked into opening a specially crafted web page, a remote attacker could exploit this to execute arbitrary code as the user invoking the program. (CVE-2012-3991) Mariusz Mlynski discovered a history state error in Firefox. A remote attacker could exploit this to spoof the location property to inject script or intercept posted data. (CVE-2012-3992) Mariusz Mlynski and others discovered several flaws in Firefox that allowed a remote attacker to conduct cross-site scripting (XSS) attacks. (CVE-2012-3993, CVE-2012-3994, CVE-2012-4184) Abhishek Arya, Atte Kettunen and others discovered several memory flaws in Firefox when using the Address Sanitizer tool. If a user were tricked into opening a specially crafted web page, a remote attacker could cause Firefox to crash or potentially execute arbitrary code as the user invoking the program. (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id62476
    published2012-10-10
    reporterUbuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62476
    titleUbuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox vulnerabilities (USN-1600-1)
  • NASL familyWindows
    NASL idSEAMONKEY_213.NASL
    descriptionThe installed version of SeaMonkey is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-3983) -
    last seen2020-06-01
    modified2020-06-02
    plugin id62583
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62583
    titleSeaMonkey < 2.13 Multiple Vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_FIREFOX-201210-121015.NASL
    descriptionMozilla Firefox was updated to the 10.0.9ESR security release which fixes bugs and security issues : - Security researchers Thai Duong and Juliano Rizzo reported that SPDY
    last seen2020-06-05
    modified2013-01-25
    plugin id64133
    published2013-01-25
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64133
    titleSuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 6951)
  • NASL familyWindows
    NASL idMOZILLA_THUNDERBIRD_160.NASL
    descriptionThe installed version of Thunderbird is earlier than 16.0 and thus, is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-3983) -
    last seen2020-06-01
    modified2020-06-02
    plugin id62582
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62582
    titleMozilla Thunderbird < 16.0 Multiple Vulnerabilities
  • NASL familyWindows
    NASL idMOZILLA_THUNDERBIRD_1008.NASL
    descriptionThe installed version of Thunderbird 10.0.x is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-3983) - Some methods of a feature used for testing (DOMWindowUtils) are not properly protected and may be called through script by web pages. (CVE-2012-3986) - A potentially exploitable denial of service may be caused by a combination of invoking full-screen mode and navigating backwards in history. (CVE-2012-3988) - When the
    last seen2020-06-01
    modified2020-06-02
    plugin id62581
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62581
    titleMozilla Thunderbird 10.0.x < 10.0.8 Multiple Vulnerabilities
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_THUNDERBIRD_16_0.NASL
    descriptionThe installed version of Thunderbird is earlier than 16.0 and thus, is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-3983) -
    last seen2020-06-01
    modified2020-06-02
    plugin id62578
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62578
    titleMozilla Thunderbird < 16.0 Multiple Vulnerabilities (Mac OS X)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1611-1.NASL
    descriptionHenrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. (CVE-2012-3982, CVE-2012-3983, CVE-2012-3988, CVE-2012-3989, CVE-2012-4191) David Bloom and Jordi Chancel discovered that Thunderbird did not always properly handle the <select> element. If a user were tricked into opening a malicious website and had JavaScript enabled, a remote attacker could exploit this to conduct URL spoofing and clickjacking attacks. (CVE-2012-3984) Collin Jackson discovered that Thunderbird did not properly follow the HTML5 specification for document.domain behavior. If a user were tricked into opening a malicious website and had JavaScript enabled, a remote attacker could exploit this to conduct cross-site scripting (XSS) attacks via JavaScript execution. (CVE-2012-3985) Johnny Stenback discovered that Thunderbird did not properly perform security checks on test methods for DOMWindowUtils. (CVE-2012-3986) Alice White discovered that the security checks for GetProperty could be bypassed when using JSAPI. If a user were tricked into opening a specially crafted web page and had JavaScript enabled, a remote attacker could exploit this to execute arbitrary code as the user invoking the program. (CVE-2012-3991) Mariusz Mlynski discovered a history state error in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, a remote attacker could exploit this to spoof the location property to inject script or intercept posted data. (CVE-2012-3992) Mariusz Mlynski and others discovered several flaws in Thunderbird that allowed a remote attacker to conduct cross-site scripting (XSS) attacks. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page and had JavaScript enabled, a remote attacker could exploit these to modify the contents, or steal confidential data, within the same domain. (CVE-2012-3993, CVE-2012-3994, CVE-2012-4184) Abhishek Arya, Atte Kettunen and others discovered several memory flaws in Thunderbird when using the Address Sanitizer tool. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or execute arbitrary code as the user invoking the program. (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188) It was discovered that Thunderbird allowed improper access to the Location object. An attacker could exploit this to obtain sensitive information. Under certain circumstances, a remote attacker could use this vulnerability to potentially execute arbitrary code as the user invoking the program. (CVE-2012-4192, CVE-2012-4193). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id62548
    published2012-10-15
    reporterUbuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62548
    titleUbuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : thunderbird vulnerabilities (USN-1611-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_FIREFOX-201210-8327.NASL
    descriptionMozillaFirefox was updated to the 10.0.9ESR security release which fixes bugs and security issues : - Security researchers Thai Duong and Juliano Rizzo reported that SPDY
    last seen2020-06-05
    modified2012-10-17
    plugin id62573
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62573
    titleSuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8327)

Oval

accepted2014-10-06T04:02:14.608-04:00
classvulnerability
contributors
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameRichard Helbing
    organizationbaramundi software
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
definition_extensions
  • commentMozilla Thunderbird Mainline release is installed
    ovaloval:org.mitre.oval:def:22093
  • commentMozilla Seamonkey is installed
    ovaloval:org.mitre.oval:def:6372
  • commentMozilla Firefox Mainline release is installed
    ovaloval:org.mitre.oval:def:22259
descriptionMultiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
familywindows
idoval:org.mitre.oval:def:16901
statusaccepted
submitted2013-05-13T10:26:26.748+04:00
titleMultiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
version34

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 55856 CVE ID: CVE-2012-3983 Firefox是一款非常流行的开源WEB浏览器。SeaMonkey是开源的Web浏览器、邮件和新闻组客户端、IRC会话客户端和HTML编辑器。 Mozilla Firefox 15存在安全漏洞,可导致任意代码执行。 0 Mozilla Firefox 15 厂商补丁: Mozilla ------- Mozilla已经为此发布了一个安全公告(mfsa2012-74)以及相应补丁: mfsa2012-74:Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8) 链接:http://www.mozilla.org/security/announce/2012/mfsa2012-74.html
idSSV:60434
last seen2017-11-19
modified2012-10-14
published2012-10-14
reporterRoot
titleMozilla Firefox 15内存破坏漏洞 (CVE-2012-3983)