Описание
The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | firefox | Will not fix | ||
| Red Hat Enterprise Linux 5 | firefox | Fixed | RHSA-2012:0387 | 14.03.2012 |
| Red Hat Enterprise Linux 5 | xulrunner | Fixed | RHSA-2012:0387 | 14.03.2012 |
| Red Hat Enterprise Linux 5 | thunderbird | Fixed | RHSA-2012:0388 | 14.03.2012 |
| Red Hat Enterprise Linux 6 | firefox | Fixed | RHSA-2012:0387 | 14.03.2012 |
| Red Hat Enterprise Linux 6 | xulrunner | Fixed | RHSA-2012:0387 | 14.03.2012 |
| Red Hat Enterprise Linux 6 | thunderbird | Fixed | RHSA-2012:0388 | 14.03.2012 |
Показывать по
Дополнительная информация
Статус:
6.8 Medium
CVSS2
Связанные уязвимости
The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read.
The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read.
The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4. ...
The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read.
6.8 Medium
CVSS2