CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-0451 Improper Control of Generation of Code ('Code Injection') vulnerability
4.3
Thunderbird
Solaris 11
11/11 SRU 8.5
CVE-2012-0455 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability
4.3
CVE-2012-0456 Information Exposure vulnerability
5.0
CVE-2012-0457 Resource Management Errors vulnerability
9.3
CVE-2012-0458 Permissions, Privileges, and Access Controls vulnerability
6.8
CVE-2012-0459 Permissions, Privileges, and Access Controls vulnerability
7.5
CVE-2012-0460 Permissions, Privileges, and Access Controls vulnerability
6.4
CVE-2012-0461 Denial of Service (DoS) vulnerability
7.5
CVE-2012-0462 Denial of Service (DoS) vulnerability
7.5
CVE-2012-0464 Resource Management Errors vulnerability
7.5
This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.