Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-3969 Heap Buffer Overflow Vulnerability

Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a heap-based buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the user running an affected application. Failed attempts may lead to a denial-of-service condition.

This issue is fixed in:

Firefox 15
Firefox ESR 10.0.7
Thunderbird 15
Thunderbird ESR 10.0.7
SeaMonkey 2.12

Note: This issue was previously discussed in BID 55249 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-57 through -72 Multiple Vulnerabilities) but has been moved to its own record to better document it.


Privacy Statement
Copyright 2010, SecurityFocus