Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3966 Multiple Memory Corruption Vulnerabilities

Mozilla Firefox, SeaMonkey, and Thunderbird are prone to multiple memory-corruption vulnerabilities that may allow remote code execution.

An attacker could exploit these issues by enticing an unsuspecting user to view malicious content.

A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

These issues are fixed in:

Firefox 15
Firefox ESR 10.0.7
Thunderbird 15
Thunderbird ESR 10.0.7
SeaMonkey 2.12

Note: These issues were previously discussed in BID 55249 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-57 through -72 Multiple Vulnerabilities) but has been moved to its own record to better document it.


Privacy Statement
Copyright 2010, SecurityFocus