CVE-2012-1939

{"id": "CVE-2012-1939", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2012-06-05T23:55:01.560", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00012.html", "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-0710.html", "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-0715.html", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2012/dsa-2499", "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:088", "source": "cve@mitre.org"}, {"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-34.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=748613", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ESR 10.x before 10.0.5 does not properly determine data types, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted JavaScript code."}, {"lang": "es", "value": "jsinfer.cpp en Mozilla Firefox ESR v10.x antes de v10.0.5 y Thunderbird ESR v10.x antes de v10.0.5 no determinan correctamente los tipos de datos, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de c\u00f3digo JavaScript dise\u00f1ado para tal fin."}], "lastModified": "2017-12-29T02:29:14.597", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB867E19-9678-4BC2-A0C6-1D5E1A420637"}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDA03C94-CA08-4D5A-9D96-551A5D4892B9"}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24BA1727-264B-4E53-874D-A5DAFE275922"}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2F499D8-F2FB-4AE9-8464-88717C5213D6"}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DFCA446-F247-45B8-BE02-A006FA9EAF8C"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "369438BA-3E3E-4F4A-9D55-37201BCC19EA"}, {"criteria": "cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C6BE133-ED60-489A-9EA4-239FFFAD13A6"}, {"criteria": "cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "772CC146-E2FA-4E18-AAAB-1D04D8572DB1"}, {"criteria": "cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7EAFAA60-E23E-4BAD-ACE6-17E760F03FDC"}, {"criteria": "cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BD8FF90-E66B-4D22-A5E1-558D6384D152"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}