Lucene search

K

MitreCVELIST:CVE-2012-3976

HistoryAug 29, 2012 - 10:00 a.m.

CVE-2012-3976

2012-08-2910:00:00

mitre

www.cve.org

8.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.0%

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page.

References

lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html

rhn.redhat.com/errata/RHSA-2012-1210.html

www.mozilla.org/security/announce/2012/mfsa2012-69.html

www.securityfocus.com/bid/55313

www.ubuntu.com/usn/USN-1548-1

www.ubuntu.com/usn/USN-1548-2

www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

bugzilla.mozilla.org/show_bug.cgi?id=768568

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16060

8.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.0%

Related for CVELIST:CVE-2012-3976

ubuntucve1 mozilla1 openvas22 prion1 nvd1 cve1 nessus23 veracode19 oraclelinux1 centos1 redhat1 suse4 ubuntu2 securityvulns1 freebsd1 ibm2 gentoo1