Rapid7 Vulnerability & Exploit Database

MFSA2012-44 Firefox: Gecko memory corruption (CVE-2012-1954)

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

MFSA2012-44 Firefox: Gecko memory corruption (CVE-2012-1954)

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

07/17/2012

Created

07/25/2018

Added

07/19/2012

Modified

05/09/2019

Description

Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents.

Solution(s)

mozilla-firefox-esr-upgrade-10_0_6
mozilla-firefox-upgrade-14_0

References

https://attackerkb.com/topics/cve-2012-1954
54578
CVE - 2012-1954
DSA-2514
DSA-2528
OVAL16984
RHSA-2012:1088
http://www.mozilla.org/security/announce/2012/mfsa2012-44.html

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

MFSA2012-44 Firefox: Gecko memory corruption (CVE-2012-1954)

MFSA2012-44 Firefox: Gecko memory corruption (CVE-2012-1954)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.