Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2012-AVI-394
Vulnerability from certfr_avis
Quatorze vulnérabilités ont été corrigées dans les produits Mozilla. Elles permettent de falsifier des URL, lire de façon arbitraire des espaces mémoire, écrire de façon arbitraire dans des espaces mémoire, contourner des politiques de sécurité et exécuter du code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Thunderbird | versions antérieures à Thunderbird 14 ; | ||
| Mozilla | Firefox | versions antérieures à Firefox ESR 10.0.6 ; | ||
| Mozilla | Firefox | Versions antérieures à Firefox 14 ; | ||
| Mozilla | Thunderbird | versions antérieures à Thunderbird ESR 10.0.6 ; | ||
| Mozilla | N/A | versions antérieures à SeaMonkey 2.11. |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "versions ant\u00e9rieures \u00e0 Thunderbird 14 ;",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "versions ant\u00e9rieures \u00e0 Firefox ESR 10.0.6 ;",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Versions ant\u00e9rieures \u00e0 Firefox 14 ;",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "versions ant\u00e9rieures \u00e0 Thunderbird ESR 10.0.6 ;",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "versions ant\u00e9rieures \u00e0 SeaMonkey 2.11.",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-1963",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1963"
},
{
"name": "CVE-2012-1966",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1966"
},
{
"name": "CVE-2012-1949",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1949"
},
{
"name": "CVE-2012-1953",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1953"
},
{
"name": "CVE-2012-1951",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1951"
},
{
"name": "CVE-2012-1958",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1958"
},
{
"name": "CVE-2012-1950",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1950"
},
{
"name": "CVE-2012-1954",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1954"
},
{
"name": "CVE-2012-1967",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1967"
},
{
"name": "CVE-2012-1957",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1957"
},
{
"name": "CVE-2012-1952",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1952"
},
{
"name": "CVE-2012-1960",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1960"
},
{
"name": "CVE-2012-1948",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1948"
},
{
"name": "CVE-2012-1965",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1965"
},
{
"name": "CVE-2012-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1962"
},
{
"name": "CVE-2012-1959",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1959"
},
{
"name": "CVE-2012-1955",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1955"
},
{
"name": "CVE-2012-1961",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1961"
}
],
"initial_release_date": "2012-07-18T00:00:00",
"last_revision_date": "2012-07-18T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-47 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-47.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-48 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-48.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-55 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-55.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-53 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-53.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-43 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-43.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-56 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-56.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-42 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-42.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-49 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-49.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-52 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-52.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-46 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-46.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-51 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-51.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-45 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-45.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-50 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-50.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla mfsa2012-44 du 17 juillet 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
}
],
"reference": "CERTA-2012-AVI-394",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-07-18T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Quatorze vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eMozilla\u003c/span\u003e. Elles permettent de falsifier des URL,\nlire de fa\u00e7on arbitraire des espaces m\u00e9moire, \u00e9crire de fa\u00e7on arbitraire\ndans des espaces m\u00e9moire, contourner des politiques de s\u00e9curit\u00e9 et\nex\u00e9cuter du code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Mozilla Firefox et Thunderbird",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 Mozilla du 18 juillet 2012",
"url": null
}
]
}
CVE-2012-1952 (GCVE-0-2012-1952)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "54578",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54578"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=759249"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "83999",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/83999"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "oval:org.mitre.oval:def:16942",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16942"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "54578",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54578"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=759249"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "83999",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/83999"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "oval:org.mitre.oval:def:16942",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16942"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "54578",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54578"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=759249",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=759249"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "83999",
"refsource": "OSVDB",
"url": "http://osvdb.org/83999"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "oval:org.mitre.oval:def:16942",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16942"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1952",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1953 (GCVE-0-2012-1953)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "oval:org.mitre.oval:def:16894",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16894"
},
{
"name": "54578",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54578"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "83998",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/83998"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=765218"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "oval:org.mitre.oval:def:16894",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16894"
},
{
"name": "54578",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54578"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "83998",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/83998"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=765218"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "oval:org.mitre.oval:def:16894",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16894"
},
{
"name": "54578",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54578"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "83998",
"refsource": "OSVDB",
"url": "http://osvdb.org/83998"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=765218",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=765218"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1953",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1959 (GCVE-0-2012-1959)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=754044"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "84002",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84002"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=737559"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-49.html"
},
{
"name": "oval:org.mitre.oval:def:16920",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16920"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "54576",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54576"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=754044"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "84002",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84002"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=737559"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-49.html"
},
{
"name": "oval:org.mitre.oval:def:16920",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16920"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "54576",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54576"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=754044",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=754044"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "84002",
"refsource": "OSVDB",
"url": "http://osvdb.org/84002"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=737559",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=737559"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-49.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-49.html"
},
{
"name": "oval:org.mitre.oval:def:16920",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16920"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "54576",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54576"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1959",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1954 (GCVE-0-2012-1954)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "54578",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54578"
},
{
"name": "DSA-2514",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "DSA-2528",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2528"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "49963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49963"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "oval:org.mitre.oval:def:16984",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16984"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "83995",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/83995"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=765139"
},
{
"name": "49964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "54578",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54578"
},
{
"name": "DSA-2514",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "DSA-2528",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2528"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "49963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49963"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "oval:org.mitre.oval:def:16984",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16984"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "83995",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/83995"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=765139"
},
{
"name": "49964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1954",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "54578",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54578"
},
{
"name": "DSA-2514",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "DSA-2528",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2528"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "49963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49963"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "oval:org.mitre.oval:def:16984",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16984"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "83995",
"refsource": "OSVDB",
"url": "http://osvdb.org/83995"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=765139",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=765139"
},
{
"name": "49964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1954",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1967 (GCVE-0-2012-1967)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.258Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-56.html"
},
{
"name": "DSA-2514",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "DSA-2528",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2528"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "49963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49963"
},
{
"name": "84013",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84013"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "oval:org.mitre.oval:def:17025",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17025"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "54573",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54573"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=758344"
},
{
"name": "49964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-56.html"
},
{
"name": "DSA-2514",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "DSA-2528",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2528"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "49963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49963"
},
{
"name": "84013",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84013"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "oval:org.mitre.oval:def:17025",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17025"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "54573",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54573"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=758344"
},
{
"name": "49964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1967",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-56.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-56.html"
},
{
"name": "DSA-2514",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "DSA-2528",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2528"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "49963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49963"
},
{
"name": "84013",
"refsource": "OSVDB",
"url": "http://osvdb.org/84013"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "oval:org.mitre.oval:def:17025",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17025"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "54573",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54573"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=758344",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=758344"
},
{
"name": "49964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1967",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1958 (GCVE-0-2012-1958)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=750820"
},
{
"name": "54574",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54574"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-48.html"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "84001",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84001"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "oval:org.mitre.oval:def:16434",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16434"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=750820"
},
{
"name": "54574",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54574"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-48.html"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "84001",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84001"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "oval:org.mitre.oval:def:16434",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16434"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1958",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=750820",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=750820"
},
{
"name": "54574",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54574"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-48.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-48.html"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "84001",
"refsource": "OSVDB",
"url": "http://osvdb.org/84001"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "oval:org.mitre.oval:def:16434",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16434"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1958",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1955 (GCVE-0-2012-1955)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-45.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=757376"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "oval:org.mitre.oval:def:17004",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17004"
},
{
"name": "83996",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/83996"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
},
{
"name": "54586",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54586"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-45.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=757376"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "oval:org.mitre.oval:def:17004",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17004"
},
{
"name": "83996",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/83996"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
},
{
"name": "54586",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54586"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1955",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-45.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-45.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=757376",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=757376"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "oval:org.mitre.oval:def:17004",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17004"
},
{
"name": "83996",
"refsource": "OSVDB",
"url": "http://osvdb.org/83996"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
},
{
"name": "54586",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54586"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1955",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1965 (GCVE-0-2012-1965)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=758990"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-55.html"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "oval:org.mitre.oval:def:17001",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17001"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "84012",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84012"
},
{
"name": "54579",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54579"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=758990"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-55.html"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "oval:org.mitre.oval:def:17001",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17001"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "84012",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84012"
},
{
"name": "54579",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54579"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=758990",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=758990"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-55.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-55.html"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "oval:org.mitre.oval:def:17001",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17001"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "84012",
"refsource": "OSVDB",
"url": "http://osvdb.org/84012"
},
{
"name": "54579",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54579"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1965",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1963 (GCVE-0-2012-1963)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=767778"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "oval:org.mitre.oval:def:17056",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17056"
},
{
"name": "84005",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84005"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "54582",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54582"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-53.html"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=767778"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "oval:org.mitre.oval:def:17056",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17056"
},
{
"name": "84005",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84005"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "54582",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54582"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-53.html"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1963",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=767778",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=767778"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "oval:org.mitre.oval:def:17056",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17056"
},
{
"name": "84005",
"refsource": "OSVDB",
"url": "http://osvdb.org/84005"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "54582",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54582"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-53.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-53.html"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1963",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1966 (GCVE-0-2012-1966)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.186Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "DSA-2514",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "oval:org.mitre.oval:def:17037",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17037"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "84009",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84009"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-46.html"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "54577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54577"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=734076"
},
{
"name": "49964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "DSA-2514",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "oval:org.mitre.oval:def:17037",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17037"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "84009",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84009"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-46.html"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "54577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54577"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=734076"
},
{
"name": "49964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "DSA-2514",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "oval:org.mitre.oval:def:17037",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17037"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "84009",
"refsource": "OSVDB",
"url": "http://osvdb.org/84009"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-46.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-46.html"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "54577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54577"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=734076",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=734076"
},
{
"name": "49964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1966",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1948 (GCVE-0-2012-1948)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "DSA-2514",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "DSA-2528",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2528"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "49963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49963"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=746103"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=772282"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-42.html"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "54580",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54580"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=763225"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=732233"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=750575"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=756600"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=749385"
},
{
"name": "49964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=758471"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=754989"
},
{
"name": "84007",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84007"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=746896"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
},
{
"name": "oval:org.mitre.oval:def:16744",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16744"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "DSA-2514",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "DSA-2528",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2528"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "49963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49963"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=746103"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=772282"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-42.html"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "54580",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54580"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=763225"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=732233"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=750575"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=756600"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=749385"
},
{
"name": "49964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=758471"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=754989"
},
{
"name": "84007",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84007"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=746896"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
},
{
"name": "oval:org.mitre.oval:def:16744",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16744"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "DSA-2514",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "DSA-2528",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2528"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "49963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49963"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=746103",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=746103"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=772282",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=772282"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-42.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-42.html"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "54580",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54580"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=763225",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=763225"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=732233",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=732233"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=750575",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=750575"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=756600",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=756600"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=749385",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=749385"
},
{
"name": "49964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=758471",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=758471"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=754989",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=754989"
},
{
"name": "84007",
"refsource": "OSVDB",
"url": "http://osvdb.org/84007"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=746896",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=746896"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
},
{
"name": "oval:org.mitre.oval:def:16744",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16744"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1948",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1949 (GCVE-0-2012-1949)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=757431"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=766304"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=752662"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=718290"
},
{
"name": "oval:org.mitre.oval:def:17027",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17027"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=765179"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "84006",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84006"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=754725"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=766018"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=717488"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-42.html"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=712914"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=743876"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=725499"
},
{
"name": "54580",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54580"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=738841"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=757431"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=766304"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=752662"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=718290"
},
{
"name": "oval:org.mitre.oval:def:17027",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17027"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=765179"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "84006",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84006"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=754725"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=766018"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=717488"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-42.html"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=712914"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=743876"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=725499"
},
{
"name": "54580",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54580"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=738841"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1949",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=757431",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=757431"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=766304",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=766304"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=752662",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=752662"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=718290",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=718290"
},
{
"name": "oval:org.mitre.oval:def:17027",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17027"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=765179",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=765179"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "84006",
"refsource": "OSVDB",
"url": "http://osvdb.org/84006"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=754725",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=754725"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=766018",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=766018"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=717488",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=717488"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-42.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-42.html"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=712914",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=712914"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=743876",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=743876"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=725499",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=725499"
},
{
"name": "54580",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54580"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=738841",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=738841"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1949",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1962 (GCVE-0-2012-1962)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "84004",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84004"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "54575",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54575"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "oval:org.mitre.oval:def:16729",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16729"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-52.html"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=764296"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "84004",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84004"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "54575",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54575"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "oval:org.mitre.oval:def:16729",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16729"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-52.html"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=764296"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1962",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "84004",
"refsource": "OSVDB",
"url": "http://osvdb.org/84004"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "54575",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54575"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "oval:org.mitre.oval:def:16729",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16729"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-52.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-52.html"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=764296",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=764296"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1962",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1960 (GCVE-0-2012-1960)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=761014"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "oval:org.mitre.oval:def:16735",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16735"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "84010",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84010"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "54572",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54572"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-50.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=761014"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "oval:org.mitre.oval:def:16735",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16735"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "84010",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84010"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "54572",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54572"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-50.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=761014",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=761014"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "oval:org.mitre.oval:def:16735",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16735"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "84010",
"refsource": "OSVDB",
"url": "http://osvdb.org/84010"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "54572",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54572"
},
{
"name": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"refsource": "CONFIRM",
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-50.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-50.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1960",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1957 (GCVE-0-2012-1957)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.171Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "84000",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84000"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "oval:org.mitre.oval:def:16844",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16844"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "54583",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54583"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-47.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=750096"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "84000",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84000"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "oval:org.mitre.oval:def:16844",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16844"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "54583",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54583"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-47.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=750096"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1957",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "84000",
"refsource": "OSVDB",
"url": "http://osvdb.org/84000"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "oval:org.mitre.oval:def:16844",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16844"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "54583",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54583"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-47.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-47.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=750096",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=750096"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1957",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1950 (GCVE-0-2012-1950)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.261Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-43.html"
},
{
"name": "DSA-2514",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "DSA-2528",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2528"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=724599"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=725611"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "oval:org.mitre.oval:def:16970",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16970"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=724247"
},
{
"name": "84008",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84008"
},
{
"name": "49964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-43.html"
},
{
"name": "DSA-2514",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "DSA-2528",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2528"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=724599"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=725611"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "oval:org.mitre.oval:def:16970",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16970"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=724247"
},
{
"name": "84008",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84008"
},
{
"name": "49964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1950",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-43.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-43.html"
},
{
"name": "DSA-2514",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2514"
},
{
"name": "DSA-2528",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2528"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=724599",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=724599"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=725611",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=725611"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "oval:org.mitre.oval:def:16970",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16970"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=724247",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=724247"
},
{
"name": "84008",
"refsource": "OSVDB",
"url": "http://osvdb.org/84008"
},
{
"name": "49964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49964"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1950",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1961 (GCVE-0-2012-1961)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "54584",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54584"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=761655"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-51.html"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "84003",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84003"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
},
{
"name": "oval:org.mitre.oval:def:16993",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16993"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "54584",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54584"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=761655"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-51.html"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "84003",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84003"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
},
{
"name": "oval:org.mitre.oval:def:16993",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16993"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "54584",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54584"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=761655",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=761655"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-51.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-51.html"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "84003",
"refsource": "OSVDB",
"url": "http://osvdb.org/84003"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
},
{
"name": "oval:org.mitre.oval:def:16993",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16993"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1961",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1951 (GCVE-0-2012-1951)
Vulnerability from cvelistv5
Published
2012-07-18 10:00
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.088Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "54578",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54578"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=752902"
},
{
"name": "oval:org.mitre.oval:def:16077",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16077"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "83997",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/83997"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49992"
},
{
"name": "54578",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54578"
},
{
"name": "1027256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
},
{
"name": "USN-1509-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=752902"
},
{
"name": "oval:org.mitre.oval:def:16077",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16077"
},
{
"name": "SUSE-SU-2012:0896",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49993"
},
{
"name": "83997",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/83997"
},
{
"name": "49972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1951",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49977"
},
{
"name": "49992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49992"
},
{
"name": "54578",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54578"
},
{
"name": "1027256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027256"
},
{
"name": "RHSA-2012:1088",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-44.html"
},
{
"name": "USN-1509-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-2"
},
{
"name": "1027258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027258"
},
{
"name": "49979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49979"
},
{
"name": "SUSE-SU-2012:0895",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
},
{
"name": "USN-1510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1510-1"
},
{
"name": "49965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49965"
},
{
"name": "1027257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027257"
},
{
"name": "openSUSE-SU-2012:0917",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=752902",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=752902"
},
{
"name": "oval:org.mitre.oval:def:16077",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16077"
},
{
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "49994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49994"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "49968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49968"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49993"
},
{
"name": "83997",
"refsource": "OSVDB",
"url": "http://osvdb.org/83997"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1951",
"datePublished": "2012-07-18T10:00:00",
"dateReserved": "2012-03-30T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…