Lucene search

K

MitreCVELIST:CVE-2012-1957

HistoryJul 18, 2012 - 10:00 a.m.

CVE-2012-1957

2012-07-1810:00:00

mitre

www.cve.org

12

AI Score

8.6

Confidence

High

EPSS

0.004

Percentile

73.4%

An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed.

References

lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html

lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html

lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html

lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html

osvdb.org/84000

rhn.redhat.com/errata/RHSA-2012-1088.html

secunia.com/advisories/49965

secunia.com/advisories/49968

secunia.com/advisories/49972

secunia.com/advisories/49977

secunia.com/advisories/49979

secunia.com/advisories/49992

secunia.com/advisories/49993

secunia.com/advisories/49994

www.mozilla.org/security/announce/2012/mfsa2012-47.html

www.securityfocus.com/bid/54583

www.securitytracker.com/id?1027256

www.securitytracker.com/id?1027257

www.securitytracker.com/id?1027258

www.ubuntu.com/usn/USN-1509-1

www.ubuntu.com/usn/USN-1509-2

www.ubuntu.com/usn/USN-1510-1

bugzilla.mozilla.org/show_bug.cgi?id=750096

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16844

AI Score

8.6

Confidence

High

EPSS

0.004

Percentile

73.4%

Related for CVELIST:CVE-2012-1957

mozilla1 openvas43 cve1 prion1 nvd1 ubuntucve1 suse7 oraclelinux2 nessus35 redhat2 centos2 ubuntu3 veracode16 freebsd1 gentoo1 osv2