Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-y2mz-17h4-1yhu
Vulnerability ID VCID-y2mz-17h4-1yhu
Aliases CVE-2012-3983
Summary Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
epss 0.00771 https://api.first.org/data/v1/epss?cve=CVE-2012-3983
epss 0.00771 https://api.first.org/data/v1/epss?cve=CVE-2012-3983
epss 0.00771 https://api.first.org/data/v1/epss?cve=CVE-2012-3983
epss 0.00771 https://api.first.org/data/v1/epss?cve=CVE-2012-3983
epss 0.00771 https://api.first.org/data/v1/epss?cve=CVE-2012-3983
epss 0.00771 https://api.first.org/data/v1/epss?cve=CVE-2012-3983
epss 0.00771 https://api.first.org/data/v1/epss?cve=CVE-2012-3983
epss 0.00771 https://api.first.org/data/v1/epss?cve=CVE-2012-3983
epss 0.00771 https://api.first.org/data/v1/epss?cve=CVE-2012-3983
epss 0.00771 https://api.first.org/data/v1/epss?cve=CVE-2012-3983
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2012-3983
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2012-74
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3983.json
https://api.first.org/data/v1/epss?cve=CVE-2012-3983
https://bugzilla.mozilla.org/show_bug.cgi?id=634444
https://bugzilla.mozilla.org/show_bug.cgi?id=762920
https://bugzilla.mozilla.org/show_bug.cgi?id=768313
https://bugzilla.mozilla.org/show_bug.cgi?id=790865
http://secunia.com/advisories/50856
http://secunia.com/advisories/50892
http://secunia.com/advisories/50904
http://secunia.com/advisories/50935
http://secunia.com/advisories/50984
http://secunia.com/advisories/55318
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16901
http://www.mozilla.org/security/announce/2012/mfsa2012-74.html
http://www.ubuntu.com/usn/USN-1611-1
863615 https://bugzilla.redhat.com/show_bug.cgi?id=863615
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
CVE-2012-3983 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3983
CVE-2012-3983 https://nvd.nist.gov/vuln/detail/CVE-2012-3983
mfsa2012-74 https://www.mozilla.org/en-US/security/advisories/mfsa2012-74
USN-1600-1 https://usn.ubuntu.com/1600-1/
USN-1611-1 https://usn.ubuntu.com/1611-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2012-3983
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.73488
EPSS Score 0.00771
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:17:58.294270+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2012/mfsa2012-74.md 38.0.0