CVE-2012-0444
Publication date 1 February 2012
Last updated 24 July 2024
Ubuntu priority
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.
Status
Package | Ubuntu Release | Status |
---|---|---|
firefox | 13.10 saucy |
Not affected
|
13.04 raring |
Not affected
|
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
11.10 oneiric |
Fixed 10.0+build1-0ubuntu0.11.10.1
|
|
11.04 natty |
Fixed 10.0+build1-0ubuntu0.11.04.1
|
|
10.10 maverick |
Fixed 10.0+build1-0ubuntu0.10.10.1
|
|
10.04 LTS lucid |
Fixed 10.0+build1-0ubuntu0.10.04.2
|
|
8.04 LTS hardy | Ignored end of life | |
libvorbis | 13.10 saucy |
Fixed 1.3.2-1ubuntu3
|
13.04 raring |
Fixed 1.3.2-1ubuntu3
|
|
12.10 quantal |
Fixed 1.3.2-1ubuntu3
|
|
12.04 LTS precise |
Fixed 1.3.2-1ubuntu3
|
|
11.10 oneiric |
Fixed 1.3.2-1ubuntu2.1
|
|
11.04 natty |
Fixed 1.3.2-1ubuntu1.1
|
|
10.10 maverick |
Fixed 1.3.1-1ubuntu0.1
|
|
10.04 LTS lucid |
Fixed 1.2.3-3ubuntu1.1
|
|
8.04 LTS hardy | Ignored end of life | |
seamonkey | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Ignored end of life | |
11.04 natty | Ignored end of life | |
10.10 maverick | Ignored end of life | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Ignored end of life | |
thunderbird | 13.10 saucy |
Not affected
|
13.04 raring |
Not affected
|
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
11.10 oneiric |
Fixed 10.0.2+build1-0ubuntu0.11.10.1
|
|
11.04 natty |
Fixed 3.1.18+build2+nobinonly-0ubuntu0.11.04.1
|
|
10.10 maverick |
Fixed 3.1.18+build2+nobinonly-0ubuntu0.10.10.1
|
|
10.04 LTS lucid |
Fixed 3.1.18+build2+nobinonly-0ubuntu0.10.04.1
|
|
8.04 LTS hardy | Ignored end of life | |
xulrunner-1.9.2 | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
11.04 natty |
Fixed 1.9.2.27+build1+nobinonly-0ubuntu0.11.04.1
|
|
10.10 maverick |
Fixed 1.9.2.26+build2+nobinonly-0ubuntu0.10.10.1
|
|
10.04 LTS lucid |
Fixed 1.9.2.26+build2+nobinonly-0ubuntu0.10.04.1
|
|
8.04 LTS hardy | Ignored end of life | |
xulrunner-2.0 | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
11.04 natty | Ignored end of life | |
10.10 maverick | Not in release | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release |
Patch details
Package | Patch details |
---|---|
firefox | |
libvorbis |
|
References
Related Ubuntu Security Notices (USN)
- USN-1370-1
- libvorbis vulnerability
- 20 February 2012
- USN-1369-1
- Thunderbird vulnerabilities
- 17 February 2012
- USN-1355-1
- Firefox vulnerabilities
- 3 February 2012
- USN-1353-1
- Xulrunnner vulnerabilities
- 8 February 2012
- USN-1350-1
- Thunderbird vulnerabilities
- 8 February 2012