| CVE Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|
| CVE-2012-1948 Denial of service (DoS) vulnerability | 9.3 | Thunderbird | |
| CVE-2012-1950 Address spoofing vulnerability | 6.4 |
| CVE-2012-1951 Resource Management Errors vulnerability | 10.0 |
| CVE-2012-1952 Resource Management Errors vulnerability | 9.3 |
| CVE-2012-1953 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability | 9.3 |
| CVE-2012-1954 Resource Management Errors vulnerability | 10.0 |
| CVE-2012-1955 Address spoofing vulnerability | 6.8 |
| CVE-2012-1957 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability | 4.3 |
| CVE-2012-1958 Resource Management Errors vulnerability | 9.3 |
| CVE-2012-1959 Permissions, Privileges, and Access Controls vulnerability | 5.0 |
| CVE-2012-1961 Improper Input Validation vulnerability | 4.3 |
| CVE-2012-1962 Resource Management Errors vulnerability | 10.0 |
| CVE-2012-1963 Permissions, Privileges, and Access Controls vulnerability | 4.3 |
| CVE-2012-1964 Clickjacking vulnerability | 4.0 |
| CVE-2012-1965 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability | 4.3 |
| CVE-2012-1966 Permissions, Privileges, and Access Controls vulnerability | 4.3 |
| CVE-2012-1967 Arbitrary code execution vulnerability | 10.0 |
| CVE-2012-1970 Denial of service (DoS) vulnerability | 10.0 |
| CVE-2012-1973 Resource Management Errors vulnerability | 10.0 |
| CVE-2012-3966 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability | 10.0 |
This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.