HIGH✓ PATCH🇬🇧 English

CVE-2012-5835

CVSS 10.0v2.0pub. 2012-11-21upd. 2026-04-29

Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Canonical Ubuntu

    OS
    Canonical
    10.0411.1012.0412.10
  • Mozilla Firefox

    APP
    Mozilla
    < 10.0.11< 17.0
  • Mozilla Seamonkey

    APP
    Mozilla
    < 2.14
  • Mozilla Thunderbird

    APP
    Mozilla
    < 17.0
  • Mozilla Thunderbird Esr

    APP
    Mozilla
    < 10.0.11
  • Opensuse

    OS
    Opensuse
    11.412.112.2
  • Red Hat Enterprise Linux Desktop

    OS
    Redhat
    5.06.0
  • Red Hat Enterprise Linux Eus

    OS
    Redhat
    6.3
  • Red Hat Enterprise Linux Server

    OS
    Redhat
    5.06.0
  • Red Hat Enterprise Linux Workstation

    OS
    Redhat
    5.06.0
  • SUSE Linux Enterprise Desktop

    OS
    Suse
    1011
  • SUSE Linux Enterprise Server

    OS
    Suse
    1011
  • SUSE Linux Enterprise Software Development Kit

    OS
    Suse
    1011
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
RCEDoS
CWE
Referencje

Powiązane podatności

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2024-9680CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Use-after-free w Animation timelines Firefox/Thunderbird — RCE

CVE-2022-26486CRITICAL9.6⚠ KEVten sam produkt

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escap...

CVE-2022-0543CRITICAL10.0⚠ KEVten sam produkt

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debia...

CVE-2021-40438CRITICAL9.0⚠ KEVten sam produkt

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...