|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-07-22 | |
| Rule Name: | Mozilla Multiple Products WAV Processing Buffer Overflow Vulnerability -1 (CVE-2012-4186) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors. | |
| Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html http://rhn.redhat.com/errata/RHSA-2012-1351.html http://www.debian.org/security/2012/dsa-2565 http://www.debian.org/security/2012/dsa-2569 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://www.mozilla.org/security/announce/2012/mfsa2012-86.html |