CVE-2012-0454
Published: 14 March 2012
Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 on 32-bit Windows 7 platforms allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving use of the file-open dialog in a child window, related to the IUnknown_QueryService function in the Windows shlwapi.dll library.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
firefox Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
| lucid |
Not vulnerable
(windows only)
|
|
| maverick |
Not vulnerable
(windows only)
|
|
| natty |
Not vulnerable
(windows only)
|
|
| oneiric |
Not vulnerable
(windows only)
|
|
| upstream |
Needs triage
|
|
|
seamonkey Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
| lucid |
Not vulnerable
(windows only)
|
|
| maverick |
Not vulnerable
(windows only)
|
|
| natty |
Not vulnerable
(windows only)
|
|
| oneiric |
Not vulnerable
(windows only)
|
|
| upstream |
Needs triage
|
|
|
thunderbird Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
| lucid |
Not vulnerable
(windows only)
|
|
| maverick |
Not vulnerable
(windows only)
|
|
| natty |
Not vulnerable
(windows only)
|
|
| oneiric |
Not vulnerable
(windows only)
|
|
| upstream |
Needs triage
|
|
|
xulrunner-1.9.2 Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
| lucid |
Not vulnerable
(windows only)
|
|
| maverick |
Not vulnerable
(windows only)
|
|
| natty |
Not vulnerable
(windows only)
|
|
| oneiric |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
xulrunner-2.0 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| maverick |
Does not exist
|
|
| natty |
Ignored
(end of life)
|
|
| oneiric |
Does not exist
|
|
| upstream |
Needs triage
|