New Search

The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0 Firefox ESR 10.x before 10.0.4 Thunderbird 5.0 through 11.0 Thunderbird ESR 10.x before 10.0.4 and SeaMonkey before 2.9 when certain Windows Vista and Windows 7 configurations are used does not properly restrict font-rendering attempts which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

oval:org.mitre.oval:def:17067

The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0 Firefox ESR 10.x before 10.0.4 Thunderbird 5.0 through 11.0 Thunderbird ESR 10.x before 10.0.4 and SeaMonkey before 2.9 when certain Windows Vista and Windows 7 configurations are used does not properly restrict font-rendering attempts which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Vista
  • Microsoft Windows Server 2008
  • Microsoft Windows XP
  • Microsoft Windows 7
  • Microsoft Windows 8
  • Microsoft Windows Server 2012
  • Microsoft Windows 2000
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2012-0472
Product(s):
  • Mozilla Firefox
  • Mozilla Firefox ESR
  • Mozilla SeaMonkey
  • Mozilla Thunderbird
  • Mozilla Thunderbird ESR