Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-4196
HistoryOct 29, 2012 - 6:55 p.m.

CVE-2012-4196

2012-10-2918:55:01
CWE-74
[email protected]
web.nvd.nist.gov
40
cve-2012-4196
mozilla firefox
thunderbird
remote code execution
same origin policy
security vulnerability
nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

8.8 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.4%

JSON

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.

Affected configurations

NVD
Node
mozillafirefoxRange<16.0.2
OR
mozillafirefox_esrRange10.010.0.10
OR
mozillaseamonkeyRange<2.13.2
OR
mozillathunderbirdRange<16.0.2
OR
mozillathunderbird_esrRange10.010.0.10
Node
opensuseopensuseMatch11.4
OR
opensuseopensuseMatch12.1
OR
opensuseopensuseMatch12.2
OR
suselinux_enterprise_desktopMatch10sp4
OR
suselinux_enterprise_desktopMatch11sp2
OR
suselinux_enterprise_serverMatch10sp4
OR
suselinux_enterprise_serverMatch11sp2-
OR
suselinux_enterprise_serverMatch11sp2vmware
OR
suselinux_enterprise_software_development_kitMatch10sp4
OR
suselinux_enterprise_software_development_kitMatch11sp2
Node
canonicalubuntu_linuxMatch10.04-
OR
canonicalubuntu_linuxMatch11.04
OR
canonicalubuntu_linuxMatch11.10
OR
canonicalubuntu_linuxMatch12.04esm
OR
canonicalubuntu_linuxMatch12.10
Node
redhatenterprise_linux_desktopMatch5.0
OR
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_eusMatch6.3
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_serverMatch7.0
OR
redhatenterprise_linux_workstationMatch5.0
OR
redhatenterprise_linux_workstationMatch6.0

Related

prion 1
cvelist 1
nvd 1
ubuntucve 1
nessus 27
openvas 46
ubuntu 2
veracode 2
freebsd 1
oraclelinux 2
centos 2
suse 3
redhat 2
mozilla 1
securityvulns 1
ibm 2
gentoo 1
prion
prion
Code injection
2012-10-29 18:55:00
cvelist
cvelist
CVE-2012-4196
2012-10-29 18:00:00
nvd
nvd
CVE-2012-4196
2012-10-29 18:55:01
ubuntucve
ubuntucve
CVE-2012-4196
2012-10-26 00:00:00
nessus
nessus
Thunderbird < 16.0.2 Multiple Vulnerabilities (Mac OS X)
2012-10-29 00:00:00
SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7004)
2013-01-25 00:00:00
Firefox 10.x < 10.0.10 Multiple Vulnerabilities
2012-10-29 00:00:00
openvas
openvas
Mozilla Firefox ESR Multiple Vulnerabilities - November12 (Mac OS X)
2012-11-02 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities - November12 (Mac OS X)
2012-11-02 00:00:00
Mozilla Firefox ESR Multiple Vulnerabilities - November12 (Windows)
2012-11-02 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2012-10-26 00:00:00
Thunderbird vulnerabilities
2012-10-30 00:00:00
veracode
veracode
Same-Origin Policy Bypass
2019-05-02 04:43:52
Arbitrary Code Execution
2019-05-02 04:43:52
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-10-26 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2012-10-29 00:00:00
firefox security update
2012-10-26 00:00:00
centos
centos
thunderbird security update
2012-10-30 03:07:34
firefox, xulrunner security update
2012-10-27 02:12:20
suse
suse
Mozilla Suite: Update to 16.0.2 (important)
2012-10-30 01:08:34
Security update for Mozilla Firefox (important)
2012-10-31 22:08:42
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
redhat
redhat
(RHSA-2012:1413) Important: thunderbird security update
2012-10-29 00:00:00
(RHSA-2012:1407) Critical: firefox security update
2012-10-26 00:00:00
mozilla
mozilla
Fixes for Location object issues — Mozilla
2012-10-26 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-10-29 00:00:00
ibm
ibm
Security Bulletin: Storwize V7000 Unified V1.4.1.0 Includes Fixes for Multiple Vendor Security Vulnerabilities
2022-09-26 04:23:14
Security Bulletin: SONAS Update Includes Fixes for Multiple Vendor Security Vulnerabilities
2022-09-26 04:23:14
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

8.8 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.4%

JSON
Related for CVE-2012-4196
prion1cvelist1nvd1ubuntucve1nessus27openvas46ubuntu2veracode2freebsd1oraclelinux2centos2suse3redhat2mozilla1securityvulns1ibm2gentoo1