Mozilla Firefox up to 10.2 on Win7 32bit Window Closing File Open Dialog shlwapi.dll resource management
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 8.9 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Mozilla Firefox up to 10.2 on Win7 32bit. It has been rated as problematic. This affects an unknown part in the library shlwapi.dll of the component Window Closing File Open Dialog. Performing a manipulation results in resource management. This vulnerability is cataloged as CVE-2012-0454. Furthermore, there is an exploit available. Upgrading the affected component is advised.
Details
A vulnerability, which was classified as critical, was found in Mozilla Firefox up to 10.2 on Win7 32bit (Web Browser). This affects an unknown function in the library shlwapi.dll of the component Window Closing File Open Dialog. The manipulation with an unknown input leads to a resource management vulnerability. CWE is classifying the issue as CWE-399. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:
Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 on 32-bit Windows 7 platforms allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving use of the file-open dialog in a child window, related to the IUnknown_QueryService function in the Windows shlwapi.dll library.
The weakness was shared 03/13/2012 by Blair Strang and Scott Bell with Security Assessment as MFSA2012-12 as not defined advisory (Website). The advisory is shared at mozilla.org. This vulnerability is uniquely identified as CVE-2012-0454 since 01/09/2012. The exploitability is told to be difficult. It is possible to initiate the attack remotely. The successful exploitation requires a authentication. Technical details and a private exploit are known.
It is declared as proof-of-concept. The vulnerability scanner Nessus provides a plugin with the ID 831610 , which helps to determine the existence of the flaw in a target environment.
Upgrading to version 10.0.3 or 11.0 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at Tenable (831610), SecurityFocus (BID 52455†), OSVDB (80010†), Secunia (SA48402†) and SecurityTracker (ID 1026803†). The entry VDB-4820 is related to this item. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.mozilla.org/
- Product: https://www.mozilla.org/en-US/firefox/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 9.9VulDB Meta Temp Score: 8.9
VulDB Base Score: 9.9
VulDB Temp Score: 8.9
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Resource managementCWE: CWE-399 / CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Private
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 831610
Nessus File: 🔍
Nessus Risk: 🔍
OpenVAS ID: 831611
OpenVAS Name: Mandriva Update for mozilla MDVSA-2012:032 (mozilla)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Upgrade: Firefox 10.0.3/11.0
Timeline
01/09/2012 🔍03/13/2012 🔍
03/13/2012 🔍
03/13/2012 🔍
03/13/2012 🔍
03/14/2012 🔍
03/14/2012 🔍
03/15/2012 🔍
03/15/2012 🔍
08/03/2012 🔍
01/26/2025 🔍
Sources
Vendor: mozilla.orgProduct: mozilla.org
Advisory: MFSA2012-12
Researcher: Blair Strang , Scott Bell
Organization: Security Assessment
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2012-0454 (🔍)
GCVE (CVE): GCVE-0-2012-0454
GCVE (VulDB): GCVE-100-4809
OVAL: 🔍
SecurityFocus: 52455 - Mozilla Firefox/Thunderbird/SeaMonkey 'shlwapi.dll' Use-After-Free Memory Corruption Vulnerability
Secunia: 48402 - Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities, Highly Critical
OSVDB: 80010
SecurityTracker: 1026803
Vulnerability Center: 34641 - Mozilla Firefox, Thunderbird and SeaMonkey on 32-bit Windows 7 shlwapi.dll Remote DoS Vulnerability, Medium
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 03/15/2012 16:45Updated: 01/26/2025 19:45
Changes: 03/15/2012 16:45 (75), 04/10/2017 11:46 (9), 10/21/2024 16:18 (17), 01/26/2025 19:45 (3)
Complete: 🔍
Cache ID: 216:A1B:103
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
No comments yet. Languages: en.
Please log in to comment.