CVE-2012-0464

Priority
Medium
Description
Use-after-free vulnerability in the browser engine in Mozilla Firefox
before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3,
Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before
10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute
arbitrary code via vectors involving an empty argument to the array.join
function in conjunction with the triggering of garbage collection.
References
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):released (3.1.20+build1+nobinonly-0ubuntu0.10.04.1)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 12.10 (Quantal Quetzal):not-affected
Ubuntu 13.04 (Raring Ringtail):not-affected
Ubuntu 13.10 (Saucy Salamander):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.04 (Raring Ringtail):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):released (11.0+build1-0ubuntu0.10.04.2)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 12.10 (Quantal Quetzal):not-affected
Ubuntu 13.04 (Raring Ringtail):not-affected
Ubuntu 13.10 (Saucy Salamander):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.04 (Raring Ringtail):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):released (1.9.2.28+build1+nobinonly-0ubuntu0.10.04.1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.04 (Raring Ringtail):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2013-12-20 21:16:59 UTC (commit 7585)