CVE-2012-1941 - Vulnerability Details

Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.06289.

Key SSVC decision points have not yet been added.

Vendors	Products
Mozilla	Firefox Seamonkey Thunderbird Thunderbird Esr
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:a:mozilla:firefox:4.0:::::::*
	cpe:2.3:a:mozilla:firefox:4.0:beta1::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta10::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta11::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta12::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta2::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta3::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta4::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta5::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta6::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta7::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta8::::::
	cpe:2.3:a:mozilla:firefox:4.0:beta9::::::
	cpe:2.3:a:mozilla:firefox:4.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:5.0:::::::*
	cpe:2.3:a:mozilla:firefox:5.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:6.0:::::::*
	cpe:2.3:a:mozilla:firefox:6.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:6.0.2:::::::*
	cpe:2.3:a:mozilla:firefox:7.0:::::::*
	cpe:2.3:a:mozilla:firefox:7.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:8.0:::::::*
	cpe:2.3:a:mozilla:firefox:8.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:9.0:::::::*
	cpe:2.3:a:mozilla:firefox:9.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:10.0:::::::*
	cpe:2.3:a:mozilla:firefox:10.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:10.0.2:::::::*
	cpe:2.3:a:mozilla:firefox:10.0.3:::::::*
	cpe:2.3:a:mozilla:firefox:10.0.4:::::::*
	cpe:2.3:a:mozilla:firefox:11.0:::::::*
	cpe:2.3:a:mozilla:firefox:12.0:::::::*
	cpe:2.3:a:mozilla:firefox:12.0:beta6::::::
	cpe:2.3:a:mozilla:seamonkey::::::::
	cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0:alpha::::::
	cpe:2.3:a:mozilla:seamonkey:1.0:beta::::::
	cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1:alpha::::::
	cpe:2.3:a:mozilla:seamonkey:1.1:beta::::::
	cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::*
	cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1::::::
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2::::::
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3::::::
cpe:2.3:a:mozilla:seamonkey:2.0:beta_1::::::
cpe:2.3:a:mozilla:seamonkey:2.0:beta_2::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc1::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc2::::::
cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.11:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.12:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.13:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.14:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha1::::::
cpe:2.3:a:mozilla:seamonkey:2.1:alpha2::::::
cpe:2.3:a:mozilla:seamonkey:2.1:alpha3::::::
cpe:2.3:a:mozilla:seamonkey:2.1:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.1:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.1:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.1:rc1::::::
cpe:2.3:a:mozilla:seamonkey:2.1:rc2::::::
cpe:2.3:a:mozilla:seamonkey:2.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.2:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.2:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.2:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.3:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.3:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.3:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.3.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.3.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.3.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.4:::::::*
cpe:2.3:a:mozilla:seamonkey:2.4:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.4:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.4:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.4.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.5:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.5:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.5:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.5:beta4::::::
cpe:2.3:a:mozilla:seamonkey:2.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.6:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.6:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.6:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.6:beta4::::::
cpe:2.3:a:mozilla:seamonkey:2.6.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.7:::::::*
cpe:2.3:a:mozilla:seamonkey:2.7:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.7:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.7:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.7:beta4::::::
cpe:2.3:a:mozilla:seamonkey:2.7:beta5::::::
cpe:2.3:a:mozilla:seamonkey:2.7.1:::::::*
cpe:2.3:a:mozilla:seamonkey:2.7.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.8:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.8:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.8:beta3::::::
cpe:2.3:a:mozilla:seamonkey:2.8:beta4::::::
cpe:2.3:a:mozilla:seamonkey:2.8:beta5::::::
cpe:2.3:a:mozilla:seamonkey:2.8:beta6::::::
cpe:2.3:a:mozilla:seamonkey:2.9:beta1::::::
cpe:2.3:a:mozilla:seamonkey:2.9:beta2::::::
cpe:2.3:a:mozilla:seamonkey:2.9:beta3::::::
cpe:2.3:a:mozilla:thunderbird:5.0:::::::*
cpe:2.3:a:mozilla:thunderbird:6.0:::::::*
cpe:2.3:a:mozilla:thunderbird:6.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:6.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:7.0:::::::*
cpe:2.3:a:mozilla:thunderbird:7.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:8.0:::::::*
cpe:2.3:a:mozilla:thunderbird:9.0:::::::*
cpe:2.3:a:mozilla:thunderbird:9.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:10.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:11.0:::::::*
cpe:2.3:a:mozilla:thunderbird:12.0:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 5
firefox-0:10.0.5-1.el5_8	cpe:/o:redhat:enterprise_linux:5	RHSA-2012:0710	2012-06-05T00:00:00Z
xulrunner-0:10.0.5-1.el5_8	cpe:/o:redhat:enterprise_linux:5	RHSA-2012:0710	2012-06-05T00:00:00Z
thunderbird-0:10.0.5-2.el5_8	cpe:/o:redhat:enterprise_linux:5	RHSA-2012:0715	2012-06-06T00:00:00Z
Red Hat Enterprise Linux 6
firefox-0:10.0.5-1.el6_2	cpe:/o:redhat:enterprise_linux:6	RHSA-2012:0710	2012-06-05T00:00:00Z
xulrunner-0:10.0.5-1.el6_2	cpe:/o:redhat:enterprise_linux:6	RHSA-2012:0710	2012-06-05T00:00:00Z
thunderbird-0:10.0.5-2.el6_2	cpe:/o:redhat:enterprise_linux:6	RHSA-2012:0715	2012-06-06T00:00:00Z

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2012-1950	Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns.
Ubuntu USN	USN-1463-1	Firefox vulnerabilities
Ubuntu USN	USN-1463-4	Thunderbird vulnerabilities
Ubuntu USN	USN-1463-6	Thunderbird vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00015.html
http://rhn.redhat.com/errata/RHSA-2012-0710.html
http://rhn.redhat.com/errata/RHSA-2012-0715.html
http://www.mandriva.com/security/advisories?name=MDVSA-2012:088
http://www.mozilla.org/security/announce/2012/mfsa2012-40.html
https://bugzilla.mozilla.org/show_bug.cgi?id=750066
https://nvd.nist.gov/vuln/detail/CVE-2012-1941
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16985
https://www.cve.org/CVERecord?id=CVE-2012-1941

History

Mon, 21 Oct 2024 14:15:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:2.3:a:mozilla:firefox_esr:10.0.1:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.2:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0:::::::*
Vendors & Products	Mozilla firefox Esr

Mon, 21 Oct 2024 13:30:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:2.3:a:mozilla:firefox_esr:10.0.3:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.4:::::::*	cpe:2.3:a:mozilla:firefox:10.0.3:::::::* cpe:2.3:a:mozilla:firefox:10.0.4:::::::*

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-06-05T23:00:00

Updated: 2024-08-06T19:17:27.045Z

Reserved: 2012-03-30T00:00:00

Link: CVE-2012-1941

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2012-06-05T23:55:01.637

Modified: 2025-04-11T00:51:21.963

Link: CVE-2012-1941

Redhat

Severity : Critical

Publid Date: 2012-06-05T00:00:00Z

Links: CVE-2012-1941 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object