Arbitrary Code Execution and Denial of Service Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey
CVE-2012-4204 · HIGH Severity
AV:N/AC:M/AU:N/C:C/I:C/A:C
The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
Learn more about our Cis Benchmark Audit For Mozilla Firefox.