Unrated severityNVD Advisory· Published Nov 21, 2012· Updated Apr 29, 2026
CVE-2012-5835
CVE-2012-5835
Description
Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data.
Affected products
25cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
26- bugzilla.mozilla.org/show_bug.cginvdExploitIssue TrackingPatchVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2012-11/msg00090.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2012-11/msg00092.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2012-11/msg00093.htmlnvdMailing ListThird Party Advisory
- rhn.redhat.com/errata/RHSA-2012-1482.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2012-1483.htmlnvdThird Party Advisory
- secunia.com/advisories/51359nvdThird Party Advisory
- secunia.com/advisories/51360nvdThird Party Advisory
- secunia.com/advisories/51369nvdThird Party Advisory
- secunia.com/advisories/51370nvdThird Party Advisory
- secunia.com/advisories/51381nvdThird Party Advisory
- secunia.com/advisories/51434nvdThird Party Advisory
- secunia.com/advisories/51439nvdThird Party Advisory
- secunia.com/advisories/51440nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mozilla.org/security/announce/2012/mfsa2012-106.htmlnvdVendor Advisory
- www.securityfocus.com/bid/56643nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-1636-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-1638-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-1638-2nvdThird Party Advisory
- www.ubuntu.com/usn/USN-1638-3nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/80185nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16603nvdThird Party Advisory
- osvdb.org/87601nvdBroken Link
News mentions
0No linked articles in our index yet.