CVE-2012-3971

Publication date 29 August 2012

Last updated 24 July 2024


Ubuntu priority

Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions.

Status

Package Ubuntu Release Status
firefox 17.04 zesty
Fixed 15.0+build1-0ubuntu1
16.10 yakkety
Fixed 15.0+build1-0ubuntu1
16.04 LTS xenial
Fixed 15.0+build1-0ubuntu1
15.10 wily
Fixed 15.0+build1-0ubuntu1
15.04 vivid
Fixed 15.0+build1-0ubuntu1
14.10 utopic
Fixed 15.0+build1-0ubuntu1
14.04 LTS trusty
Fixed 15.0+build1-0ubuntu1
13.10 saucy
Fixed 15.0+build1-0ubuntu1
13.04 raring
Fixed 15.0+build1-0ubuntu1
12.10 quantal
Fixed 15.0+build1-0ubuntu1
12.04 LTS precise
Fixed 15.0+build1-0ubuntu0.12.04.1
11.10 oneiric
Fixed 15.0+build1-0ubuntu0.11.10.1
11.04 natty
Fixed 15.0+build1-0ubuntu0.11.04.2
10.04 LTS lucid
Fixed 15.0+build1-0ubuntu0.10.04.1
8.04 LTS hardy Ignored end of life
graphite2 17.04 zesty
Not affected
16.10 yakkety
Not affected
16.04 LTS xenial
Not affected
15.10 wily
Not affected
15.04 vivid
Not affected
14.10 utopic
Not affected
14.04 LTS trusty
Not affected
13.10 saucy
Not affected
13.04 raring
Not affected
12.10 quantal
Not affected
12.04 LTS precise Ignored end of life
11.10 oneiric Not in release
11.04 natty Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
seamonkey 17.04 zesty Not in release
16.10 yakkety Not in release
16.04 LTS xenial Not in release
15.10 wily Not in release
15.04 vivid Not in release
14.10 utopic Not in release
14.04 LTS trusty Not in release
13.10 saucy Not in release
13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Ignored end of life
11.04 natty Ignored end of life
10.04 LTS lucid Ignored end of life
8.04 LTS hardy Ignored end of life
thunderbird 17.04 zesty
Fixed 15.0+build1-0ubuntu1
16.10 yakkety
Fixed 15.0+build1-0ubuntu1
16.04 LTS xenial
Fixed 15.0+build1-0ubuntu1
15.10 wily
Fixed 15.0+build1-0ubuntu1
15.04 vivid
Fixed 15.0+build1-0ubuntu1
14.10 utopic
Fixed 15.0+build1-0ubuntu1
14.04 LTS trusty
Fixed 15.0+build1-0ubuntu1
13.10 saucy
Fixed 15.0+build1-0ubuntu1
13.04 raring
Fixed 15.0+build1-0ubuntu1
12.10 quantal
Fixed 15.0+build1-0ubuntu1
12.04 LTS precise
Fixed 15.0+build1-0ubuntu0.12.04.1
11.10 oneiric
Fixed 15.0+build1-0ubuntu0.11.10.1
11.04 natty
Fixed 15.0+build1-0ubuntu0.11.04.1
10.04 LTS lucid
Fixed 15.0+build1-0ubuntu0.10.04.1
8.04 LTS hardy Ignored end of life
xulrunner-1.9.2 17.04 zesty Not in release
16.10 yakkety Not in release
16.04 LTS xenial Not in release
15.10 wily Not in release
15.04 vivid Not in release
14.10 utopic Not in release
14.04 LTS trusty Not in release
13.10 saucy Not in release
13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
11.04 natty Ignored end of life
10.04 LTS lucid Ignored end of life
8.04 LTS hardy Ignored end of life
xulrunner-2.0 17.04 zesty Not in release
16.10 yakkety Not in release
16.04 LTS xenial Not in release
15.10 wily Not in release
15.04 vivid Not in release
14.10 utopic Not in release
14.04 LTS trusty Not in release
13.10 saucy Not in release
13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
11.04 natty Ignored end of life
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-1548-1
    • Firefox vulnerabilities
    • 29 August 2012
    • USN-1551-1
    • Thunderbird vulnerabilities
    • 30 August 2012

Other references