Search for vulnerabilities
Vulnerability details: VCID-derv-xd25-aaaf
Vulnerability ID VCID-derv-xd25-aaaf
Aliases CVE-2012-5836
Summary CVE-2012-5836 Mozilla: Crash when combining SVG text on path with CSS (MFSA 2012-94)
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-94 Improper Control of Generation of Code ('Code Injection')
System Score Found at
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01347 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.01871 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.03439 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.03439 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.03439 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.03439 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.03810 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.03810 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.03810 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.03810 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.03810 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.03810 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.03810 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.04328 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.05223 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.05223 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
epss 0.05223 https://api.first.org/data/v1/epss?cve=CVE-2012-5836
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=877617
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2012-5836
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2012-94
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html
http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html
http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html
http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html
http://osvdb.org/87593
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5836.json
https://api.first.org/data/v1/epss?cve=CVE-2012-5836
https://bugzilla.mozilla.org/show_bug.cgi?id=792857
http://secunia.com/advisories/51369
http://secunia.com/advisories/51370
http://secunia.com/advisories/51381
http://secunia.com/advisories/51434
http://secunia.com/advisories/51439
http://secunia.com/advisories/51440
https://exchange.xforce.ibmcloud.com/vulnerabilities/80172
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16336
http://www.mozilla.org/security/announce/2012/mfsa2012-94.html
http://www.securityfocus.com/bid/56616
http://www.ubuntu.com/usn/USN-1636-1
http://www.ubuntu.com/usn/USN-1638-1
http://www.ubuntu.com/usn/USN-1638-2
http://www.ubuntu.com/usn/USN-1638-3
877617 https://bugzilla.redhat.com/show_bug.cgi?id=877617
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
CVE-2012-5836 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5836
CVE-2012-5836 https://nvd.nist.gov/vuln/detail/CVE-2012-5836
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
mfsa2012-94 https://www.mozilla.org/en-US/security/advisories/mfsa2012-94
USN-1636-1 https://usn.ubuntu.com/1636-1/
USN-1638-1 https://usn.ubuntu.com/1638-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2012-5836
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.78293
EPSS Score 0.01347
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.