Oval Definition:oval:org.mitre.oval:def:14258
Revision Date:2014-10-06Version:36
Title:Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 on 32-bit Windows 7 platforms allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving use of the file-open dialog in a child window, related to the IUnknown_QueryService function in the Windows shlwapi.dll library.
Description:Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 on 32-bit Windows 7 platforms allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving use of the file-open dialog in a child window, related to the IUnknown_QueryService function in the Windows shlwapi.dll library.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2012-0454
Platform(s):Microsoft Windows 7
Product(s):Mozilla Firefox
Mozilla Firefox ESR
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Thunderbird ESR
Definition Synopsis
  • Microsoft Windows 7 (32-bit) is installed
  • AND Vulnerable version of Firefox, Thunderbird, or SeaMonkey installed
  • Determine if the version of Mozilla Firefox is equal to 4.0.1
  • Mozilla Firefox Mainline release is installed
  • AND Mozilla Firefox Mainline version is equal to 4.0.1
  • OR Determine if the version of Mozilla Firefox is equal to 5.0
  • Mozilla Firefox Mainline release is installed
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is equal to 5.0
  • OR Determine if the version of Mozilla Firefox is equal to 6.0
  • Mozilla Firefox Mainline release is installed
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is equal to 6.0
  • OR Determine if the version of Mozilla Firefox is equal to 7.0.1
  • Mozilla Firefox Mainline release is installed
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is equal to 7.0.1
  • OR Determine if the version of Mozilla Firefox is equal to 8.0
  • Mozilla Firefox Mainline release is installed
  • AND Mozilla Firefox Mainline version is equal to 8.0
  • OR Determine if the version of Mozilla Firefox is equal to 9.0.1
  • Mozilla Firefox Mainline release is installed
  • AND Mozilla Firefox Mainline version is equal to 9.0.1
  • OR Determine if the version of Mozilla Thunderbird is equal to 5.0
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is equal to 5.0
  • OR Determine if the version of Mozilla Thunderbird is equal to 6.0
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is equal to 6.0
  • OR Determine if the version of Mozilla Thunderbird is equal to 7.0.1
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is equal to 7.0.1
  • OR Determine if the version of Mozilla Thunderbird is equal to 8.0
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is equal to 8.0
  • OR Determine if the version of Mozilla Thunderbird is equal to 9.0.1
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is equal to 9.0.1
  • OR Determine if the version of Mozilla Seamonkey is less than or equal to 2.7 and is greater than or equal to 2.0.1
  • Mozilla Seamonkey is installed
  • AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.7
  • AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1
  • OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 and is greater than or equal to 1.0
  • Mozilla Seamonkey is installed
  • AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10
  • AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0
  • OR Check for vulnerable Mozilla Firefox ESR
  • Mozilla Firefox ESR is installed
  • AND Mozilla Firefox ESR version is less than 10.0.3 and greater than or equal to 10.x
  • OR Check for vulnerable Mozilla Thunderbird ESR
  • Mozilla Thunderbird ESR is installed
  • AND Mozilla Thunderbird ESR version is less than 10.0.3 and greater than or equal to 10.x
    • BACK