CVE-2012-3970 in Firefoxinfo

Summary

Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving movement of a requiredFeatures attribute from one SVG document to another.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

07/11/2012

Disclosure

08/29/2012

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-399 (Confirmed)

CVSS

10.0

EPSS

0.02745

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-3970
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-3970
CVE Details	https://www.cvedetails.com/cve/CVE-2012-3970/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!