X

The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Multiple vulnerabilities in Firefox

Ritwik Ghoshal
Principal Security Analyst
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-3982 Denial of service (DoS) vulnerability 10.0 Firefox
Solaris 10 SPARC: 145080-13 X86: 145081-12
CVE-2012-3983 Denial of service (DoS) vulnerability 10.0
CVE-2012-3986 Permissions, Privileges, and Access Controls vulnerability 6.4
CVE-2012-3988 Resource Management Errors vulnerability 9.3
CVE-2012-3990 Resource Management Errors vulnerability 10.0
CVE-2012-3991 Permissions, Privileges, and Access Controls vulnerability 9.3
CVE-2012-3992 Permissions, Privileges, and Access Controls vulnerability 5.8
CVE-2012-3993 Design Error vulnerability 9.3
CVE-2012-3994 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3
CVE-2012-3995 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-4179 Resource Management Errors vulnerability 10.0
CVE-2012-4180 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-4181 Resource Management Errors vulnerability 10.0
CVE-2012-4182 Resource Management Errors vulnerability 10.0
CVE-2012-4183 Resource Management Errors vulnerability 10.0
CVE-2012-4184 Permissions, Privileges, and Access Controls vulnerability 9.3
CVE-2012-4185 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-4186 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-4187 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-4188 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-4192 Permissions, Privileges, and Access Controls vulnerability 4.3
CVE-2012-4193 Design Error vulnerability 9.3
CVE-2012-4194 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3
CVE-2012-4195 Permissions, Privileges, and Access Controls vulnerability 5.1
CVE-2012-4196 Permissions, Privileges, and Access Controls vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Note: Solaris 10 patches SPARC: 145080-13 X86: 145081-12 contain the fix for all CVEs between Firefox version 10.0.7 and 10.0.12.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.