Unrated severityNVD Advisory· Published Oct 10, 2012· Updated Jun 16, 2026
CVE-2012-4185
CVE-2012-4185
Description
Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
27cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <10.0.8
- (no CPE)range: <16.0
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*range: <2.13
- (no CPE)range: <2.13
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <16.0
- cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*range: <10.0.8
- (no CPE)range: <16.0
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_sdk:10:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
- osv-coords3 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweed
< 128.5.1-1.1+ 2 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 50.1.0-1.1
- (no CPE)range: < 45.5.1-1.1
Patches
Vulnerability mechanics
References
17- lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.htmlnvdMailing ListThird Party Advisory
- rhn.redhat.com/errata/RHSA-2012-1351.htmlnvdThird Party Advisory
- secunia.com/advisories/50856nvdThird Party Advisory
- secunia.com/advisories/50892nvdThird Party Advisory
- secunia.com/advisories/50904nvdThird Party Advisory
- secunia.com/advisories/50935nvdThird Party Advisory
- secunia.com/advisories/50936nvdThird Party Advisory
- secunia.com/advisories/50984nvdThird Party Advisory
- secunia.com/advisories/55318nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mozilla.org/security/announce/2012/mfsa2012-86.htmlnvdVendor Advisory
- www.securityfocus.com/bid/56127nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-1611-1nvdThird Party Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/79162nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16009nvdThird Party Advisory
- osvdb.org/86116nvdBroken Link
News mentions
0No linked articles in our index yet.