CVE-2012-3972 in Firefoxinfo

Summary

The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

07/11/2012

Disclosure

08/29/2012

Moderation

VulDB entry created

Entries

VDB-6060 (1)

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

5.3

EPSS

0.04549

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-3972
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-3972
CVE Details	https://www.cvedetails.com/cve/CVE-2012-3972/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!