Oval Definition:	oval:org.mitre.oval:def:16735
Revision Date: 2014-10-06 Version: 31 Title: The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation. Description: The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2012-1960 Platform(s): Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP Product(s): Mozilla Firefox Mozilla SeaMonkey Mozilla Thunderbird Definition Synopsis Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 13.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 5.0 Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.10 Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than or equal to 13.0 AND Mozilla Firefox Mainline version is greater than or equal to 4.0
BACK