Use After Free in Apple Mac_os_x
CVE-2012-5830
Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary…
Vulnerability class: Use-After-Free
EPSS: 0.009 (75.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Apple Mac_os_x
- Mozilla Firefox
- Mozilla Seamonkey
- Mozilla Thunderbird
- Mozilla Thunderbird_esr
- Canonical Ubuntu_linux — versions 10.04, 11.10, 12.04
- Opensuse — versions 11.4, 12.1, 12.2
- Redhat Enterprise_linux_desktop — versions 5.0, 6.0
- Redhat Enterprise_linux_eus — versions 6.3
- Redhat Enterprise_linux_server — versions 5.0, 6.0
Weakness classification (CWE)
References
- USN-1638-3 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
- 51370 (x_refsource_SECUNIA, Broken Link, third-party-advisory)
- USN-1638-2 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
- cve@mitre.org (x_refsource_CONFIRM, Exploit, Issue Tracking, Vendor Advisory)
- openSUSE-SU-2012:1586 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
- USN-1636-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
- openSUSE-SU-2013:0175 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
- RHSA-2012:1483 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
- firefox-html-file-code-execution(80183) (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_XF)
- RHSA-2012:1482 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
Frequently asked questions
- What is CVE-2012-5830?
- CVE-2012-5830 is a high-severity vulnerability in Apple Mac_os_x, classified under Use After Free. CVSS score: 8.8/10. Published 2012-11-21.
- How severe is CVE-2012-5830?
- High severity. CVSS v3 base score is 8.8 out of 10.