CVE-2012-0444

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.

Published date
2012-02-01T16:55Z
Last modification date
2020-08-28T13:12Z
Assigner
cve@mitre.org
Problem type
CWE-119
NameURLSourceTags
https://bugzilla.mozilla.org/show_bug.cgi?id=719612https://bugzilla.mozilla.org/show_bug.cgi?id=719612CONFIRMExploit, Issue Tracking, Patch, Vendor Advisory
http://www.mozilla.org/security/announce/2012/mfsa2012-07.htmlhttp://www.mozilla.org/security/announce/2012/mfsa2012-07.htmlCONFIRMVendor Advisory
DSA-2400http://www.debian.org/security/2012/dsa-2400DEBIANThird Party Advisory
openSUSE-SU-2012:0234http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.htmlSUSEMailing List, Third Party Advisory
SUSE-SU-2012:0221http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.htmlSUSEMailing List, Third Party Advisory
SUSE-SU-2012:0198http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.htmlSUSEMailing List, Third Party Advisory
MDVSA-2012:013http://www.mandriva.com/security/advisories?name=MDVSA-2012:013MANDRIVAThird Party Advisory
51753http://www.securityfocus.com/bid/51753BIDThird Party Advisory, VDB Entry
mozilla-nschildview-code-exec(72858)https://exchange.xforce.ibmcloud.com/vulnerabilities/72858XFThird Party Advisory, VDB Entry
oval:org.mitre.oval:def:14464https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464OVALThird Party Advisory
DSA-2406http://www.debian.org/security/2012/dsa-2406DEBIANThird Party Advisory
DSA-2402http://www.debian.org/security/2012/dsa-2402DEBIANThird Party Advisory
48095http://secunia.com/advisories/48095SECUNIAThird Party Advisory
48043http://secunia.com/advisories/48043SECUNIAThird Party Advisory
USN-1370-1http://www.ubuntu.com/usn/USN-1370-1UBUNTUThird Party Advisory