[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-0459Date: (C)2012-03-14   (M)2024-03-27


The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1026801
SECTRACK-1026803
SECTRACK-1026804
SECUNIA-48359
SECUNIA-48402
SECUNIA-48496
SECUNIA-48513
SECUNIA-48553
SECUNIA-48561
SECUNIA-48629
SECUNIA-49055
MDVSA-2012:032
RHSA-2012:0387
RHSA-2012:0388
SUSE-SU-2012:0424
USN-1400-1
USN-1400-2
USN-1400-3
USN-1400-4
USN-1400-5
http://www.mozilla.org/security/announce/2012/mfsa2012-17.html
https://bugzilla.mozilla.org/show_bug.cgi?id=723446
openSUSE-SU-2012:0417
oval:org.mitre.oval:def:15066

CPE    138
cpe:/a:mozilla:firefox:7.0.1
cpe:/a:mozilla:seamonkey:1.5.0.8
cpe:/a:mozilla:seamonkey:1.5.0.9
cpe:/a:mozilla:firefox:9.0.1
...
CWE    1
CWE-264
OVAL    17
oval:org.secpod.oval:def:700814
oval:org.secpod.oval:def:700808
oval:org.secpod.oval:def:700809
oval:org.secpod.oval:def:202285
...

© SecPod Technologies