View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2012-4187 severity moderate: SUSE including 67 source package names (MozillaFirefox, MozillaFirefox-10.0.9-0.3.1, …), 118 product×package rows across 43 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (43 product lines)): Fixed 87, Known Not Affected 31.
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.