VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.01023	https://api.first.org/data/v1/epss?cve=CVE-2012-5838
epss	0.01023	https://api.first.org/data/v1/epss?cve=CVE-2012-5838
epss	0.01023	https://api.first.org/data/v1/epss?cve=CVE-2012-5838
epss	0.01023	https://api.first.org/data/v1/epss?cve=CVE-2012-5838
epss	0.01023	https://api.first.org/data/v1/epss?cve=CVE-2012-5838
epss	0.01023	https://api.first.org/data/v1/epss?cve=CVE-2012-5838
epss	0.01023	https://api.first.org/data/v1/epss?cve=CVE-2012-5838
epss	0.01023	https://api.first.org/data/v1/epss?cve=CVE-2012-5838
epss	0.01023	https://api.first.org/data/v1/epss?cve=CVE-2012-5838
cvssv2	9.3	https://nvd.nist.gov/vuln/detail/CVE-2012-5838
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2012-106

System

Score

Found at

epss

0.01023

https://api.first.org/data/v1/epss?cve=CVE-2012-5838

epss

0.01023

https://api.first.org/data/v1/epss?cve=CVE-2012-5838

epss

0.01023

https://api.first.org/data/v1/epss?cve=CVE-2012-5838

epss

0.01023

https://api.first.org/data/v1/epss?cve=CVE-2012-5838

epss

0.01023

https://api.first.org/data/v1/epss?cve=CVE-2012-5838

epss

0.01023

https://api.first.org/data/v1/epss?cve=CVE-2012-5838

epss

0.01023

https://api.first.org/data/v1/epss?cve=CVE-2012-5838

epss

0.01023

https://api.first.org/data/v1/epss?cve=CVE-2012-5838

epss

0.01023

https://api.first.org/data/v1/epss?cve=CVE-2012-5838

cvssv2

9.3

https://nvd.nist.gov/vuln/detail/CVE-2012-5838

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2012-106

Reference id	Reference type	URL
		http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html
		http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html
		http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html
		http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html
		http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html
		http://osvdb.org/87599
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5838.json
		https://api.first.org/data/v1/epss?cve=CVE-2012-5838
		https://bugzilla.mozilla.org/show_bug.cgi?id=802778
		http://secunia.com/advisories/51369
		http://secunia.com/advisories/51370
		http://secunia.com/advisories/51381
		http://secunia.com/advisories/51434
		http://secunia.com/advisories/51439
		http://secunia.com/advisories/51440
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16896
		http://www.mozilla.org/security/announce/2012/mfsa2012-106.html
		http://www.securityfocus.com/bid/56644
		http://www.ubuntu.com/usn/USN-1636-1
		http://www.ubuntu.com/usn/USN-1638-1
		http://www.ubuntu.com/usn/USN-1638-2
		http://www.ubuntu.com/usn/USN-1638-3
877945		https://bugzilla.redhat.com/show_bug.cgi?id=877945
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:seamonkey::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey::::::::
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:a:mozilla:thunderbird_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
cpe:2.3:o:canonical:ubuntu_linux:11.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:11.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
cpe:2.3:o:opensuse:opensuse:11.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*
cpe:2.3:o:opensuse:opensuse:12.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.1:::::::*
cpe:2.3:o:opensuse:opensuse:12.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:::::::*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4::::::
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2::::::
cpe:2.3:o:suse:linux_enterprise_server:10:sp4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp4::::::
cpe:2.3:o:suse:linux_enterprise_server:11:sp2::::-::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2::::-::*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2::::vmware::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2::::vmware::*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4::::::
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2::::::
CVE-2012-5838		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5838
CVE-2012-5838		https://nvd.nist.gov/vuln/detail/CVE-2012-5838
GLSA-201301-01		https://security.gentoo.org/glsa/201301-01
mfsa2012-106		https://www.mozilla.org/en-US/security/advisories/mfsa2012-106
USN-1636-1		https://usn.ubuntu.com/1636-1/
USN-1638-1		https://usn.ubuntu.com/1638-1/

Reference id

Reference type

URL

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html

http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html

http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html

http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html

http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html

http://osvdb.org/87599

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5838.json

https://api.first.org/data/v1/epss?cve=CVE-2012-5838

https://bugzilla.mozilla.org/show_bug.cgi?id=802778

http://secunia.com/advisories/51369

http://secunia.com/advisories/51370

http://secunia.com/advisories/51381

http://secunia.com/advisories/51434

http://secunia.com/advisories/51439

http://secunia.com/advisories/51440

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16896

http://www.mozilla.org/security/announce/2012/mfsa2012-106.html

http://www.securityfocus.com/bid/56644

http://www.ubuntu.com/usn/USN-1636-1

http://www.ubuntu.com/usn/USN-1638-1

http://www.ubuntu.com/usn/USN-1638-2

http://www.ubuntu.com/usn/USN-1638-3

877945

https://bugzilla.redhat.com/show_bug.cgi?id=877945

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*

cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*

CVE-2012-5838

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5838

CVE-2012-5838

https://nvd.nist.gov/vuln/detail/CVE-2012-5838

GLSA-201301-01

https://security.gentoo.org/glsa/201301-01

mfsa2012-106

https://www.mozilla.org/en-US/security/advisories/mfsa2012-106

USN-1636-1

https://usn.ubuntu.com/1636-1/

USN-1638-1

https://usn.ubuntu.com/1638-1/

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:09:59.317496+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201301-01	38.0.0

2026-04-01T13:09:59.317496+00:00

Gentoo Importer

Import

https://security.gentoo.org/glsa/201301-01

38.0.0

Vulnerability ID	VCID-xund-6gke-rugv
Aliases	CVE-2012-5838
Summary	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

CWE-416	Use After Free
CWE-119	Improper Restriction of Operations within the Bounds of a Memory Buffer

Percentile	0.77194
EPSS Score	0.01023
Published At	April 1, 2026, 12:55 p.m.